diff options
| author | Nicolas Benes <nbenes.gh@xandea.de> | 2022-11-21 21:02:11 +0100 |
|---|---|---|
| committer | Nicolas Benes <nbenes.gh@xandea.de> | 2025-10-11 19:48:32 +0200 |
| commit | 2b5981c5c79b351611c705b11d56f20bbb27c5fa (patch) | |
| tree | f75e0cb2014cb82a0ab2cc12f7c7a3c591759269 /pkgs/development/python-modules/termplotlib/gnuplot-subprocess.patch | |
| parent | b5a31418d521927f9a834f6c7817513510d53a14 (diff) | |
fetchgitlab: pass private tokens/passwords
Allow the fetcher to authenticate with user name and password.
Note: as of now, GitLab ignores the user name (it must be set, but the
value does not matter) but this may change in the future:
https://gitlab.com/gitlab-org/gitlab/-/issues/212953
Credentials can be passed to the nix-daemon, for example, via a
read-protected `EnvironmentFile`:
```console
$ ls -l /to/secrets.txt
-rw------- 1 root root 100 Nov 1 10:42 /to/secrets.txt
```
In /to/secrets.txt:
```
# for `fetchFromGitLab { private=true; ... }`
NIX_GITLAB_PRIVATE_USERNAME=whatever
NIX_GITLAB_PRIVATE_PASSWORD=glpat-the-access-token
# for `fetchFromGitLab { private=true; varPrefix="EXAMPLE"; ... }`
NIX_EXAMPLE_GITLAB_PRIVATE_USERNAME=whatever
NIX_EXAMPLE_GITLAB_PRIVATE_PASSWORD=glpat-another-access-token
```
In /etc/nixos/configuration.nix:
```nix
{ config, pkgs, ... }:
{
systemd.services.nix-daemon.serviceConfig.EnvironmentFile =
"/to/secrets.txt";
}
```
GitLab supports HTTP Basic Authentication (credentials in `.netrc` file)
only if accessed via Git. Access via the GitLab API requires a custom
header (e.g. `PRIVATE-TOKEN`) instead. See:
* https://docs.gitlab.com/ee/user/project/settings/project_access_tokens.html#project-access-tokens
* https://docs.gitlab.com/ee/api/rest/authentication.html#personalprojectgroup-access-tokens
Diffstat (limited to 'pkgs/development/python-modules/termplotlib/gnuplot-subprocess.patch')
0 files changed, 0 insertions, 0 deletions