summaryrefslogtreecommitdiff
path: root/Propellor/Property/OpenId.hs
diff options
context:
space:
mode:
Diffstat (limited to 'Propellor/Property/OpenId.hs')
-rw-r--r--Propellor/Property/OpenId.hs13
1 files changed, 11 insertions, 2 deletions
diff --git a/Propellor/Property/OpenId.hs b/Propellor/Property/OpenId.hs
index c397bdb8..b896180f 100644
--- a/Propellor/Property/OpenId.hs
+++ b/Propellor/Property/OpenId.hs
@@ -4,8 +4,10 @@ import Propellor
import qualified Propellor.Property.File as File
import qualified Propellor.Property.Apt as Apt
import qualified Propellor.Property.Service as Service
+import Utility.FileMode
import Data.List
+import System.Posix.Files
providerFor :: [UserName] -> String -> Property
providerFor users baseurl = propertyList desc $
@@ -16,11 +18,18 @@ providerFor users baseurl = propertyList desc $
(map setbaseurl) "/etc/simpleid/config.inc"
] ++ map identfile users
where
- identfile u = File.hasPrivContent $ concat
- [ "/var/lib/simpleid/identities/", u, ".identity" ]
url = "http://"++baseurl++"/simpleid"
desc = "openid provider " ++ url
setbaseurl l
| "SIMPLEID_BASE_URL" `isInfixOf` l =
"define('SIMPLEID_BASE_URL', '"++url++"');"
| otherwise = l
+
+ identfile u = combineProperties desc
+ [ File.hasPrivContent f
+ -- the identitites directory controls access, so open up
+ -- file mode
+ , File.mode f (combineModes (ownerWriteMode:readModes))
+ ]
+ where
+ f = concat $ [ "/var/lib/simpleid/identities/", u, ".identity" ]
generated by cgit v1.3-2-g0d8e (git 2.53.0) at 2026-06-21 06:20:14 +0000