gador/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

nixos/postgresql: escape initdbArgs

Browse Source 
It doesn't look correct that this isn't the case already.
This commit is contained in:
Maximilian Bosch
2024-09-29 20:43:30 +02:00
parent 0e78dc369c
commit 11d1f8776c
3 changed files with 6 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
nixos/doc/manual/release-notes/rl-2411.section.md
View File

@@ -569,6 +569,8 @@
- `restic` module now has an option for inhibiting system sleep while backups are running, defaulting to off (not inhibiting sleep), available as [`services.restic.backups.<name>.inhibitsSleep`](#opt-services.restic.backups._name_.inhibitsSleep).
- The arguments from [](#opt-services.postgresql.initdbArgs) now get shell-escaped.
- Support for *runner registration tokens* has been [deprecated](https://gitlab.com/gitlab-org/gitlab/-/issues/380872)
in `gitlab-runner` 15.6 and is expected to be removed in `gitlab-runner` 18.0. Configuration of existing runners
should be changed to using *runner authentication tokens* by configuring

4
nixos/modules/services/databases/postgresql.md
View File

@@ -187,7 +187,7 @@ $ nix-instantiate --eval -A postgresql_13.psqlSchema
```
For an upgrade, a script like this can be used to simplify the process:
```nix
{ config, pkgs, ... }:
{ config, lib, pkgs, ... }:
{
environment.systemPackages = [
(let
@@ -211,7 +211,7 @@ For an upgrade, a script like this can be used to simplify the process:
install -d -m 0700 -o postgres -g postgres "$NEWDATA"
cd "$NEWDATA"
sudo -u postgres $NEWBIN/initdb -D "$NEWDATA" ${builtins.concatStringsSep " " cfg.initdbArgs}
sudo -u postgres $NEWBIN/initdb -D "$NEWDATA" ${lib.escapeShellArgs cfg.initdbArgs}
sudo -u postgres $NEWBIN/pg_upgrade \
--old-datadir "$OLDDATA" --new-datadir "$NEWDATA" \

3
nixos/modules/services/databases/postgresql.nix
View File

@@ -7,6 +7,7 @@ let
concatStringsSep
const
elem
escapeShellArgs
filterAttrs
isString
literalExpression
@@ -545,7 +546,7 @@ in
rm -f ${cfg.dataDir}/*.conf
# Initialise the database.
initdb -U ${cfg.superUser} ${concatStringsSep " " cfg.initdbArgs}
initdb -U ${cfg.superUser} ${escapeShellArgs cfg.initdbArgs}
# See postStart!
touch "${cfg.dataDir}/.first_startup"