provide a warning on password options that do not follow the read-from-file convention.

2013-07-02 06:03:52 +02:00 · 2013-07-02 06:03:52 +02:00 · a099f7008b
commit a099f7008b
parent 3d7cc5e217
2 changed files with 4 additions and 3 deletions
--- a/modules/programs/ssmtp.nix
+++ b/modules/programs/ssmtp.nix
@ -75,7 +75,7 @@ let
        default = "";
        example = "correctHorseBatteryStaple";
        description = "
-          Password used for SMTP auth.
+          Password used for SMTP auth. (STORED PLAIN TEXT, WORLD-READABLE IN NIX STORE)
        ";
      };

--- a/modules/services/databases/redis.nix
+++ b/modules/services/databases/redis.nix
@ -122,12 +122,13 @@ in
        default = null;
        description = ''If the master is password protected (using the requirePass configuration)
        it is possible to tell the slave to authenticate before starting the replication synchronization
-        process, otherwise the master will refuse the slave request.'';
+        process, otherwise the master will refuse the slave request.
+        (STORED PLAIN TEXT, WORLD-READABLE IN NIX STORE)'';
      };

      requirePass = mkOption {
        default = null;
-        description = "Password for database";
+        description = "Password for database (STORED PLAIN TEXT, WORLD-READABLE IN NIX STORE)";
        example = "letmein!";
      };