diff options
author | Silas Schöffel <sils@sils.li> | 2024-06-01 17:13:19 +0200 |
---|---|---|
committer | Silas Schöffel <sils@sils.li> | 2024-06-01 17:13:19 +0200 |
commit | 34996d7cbbfa5d66b823ca7787ef72eec9c224ab (patch) | |
tree | 5ec3af4da0cd370205d5fa66d4df4c3148d14875 | |
parent | fix(system/services/invidious): set db.user to invidious (diff) | |
download | nixos-server-34996d7cbbfa5d66b823ca7787ef72eec9c224ab.tar.gz nixos-server-34996d7cbbfa5d66b823ca7787ef72eec9c224ab.zip |
feat(etebase)!: disable etebase-server
Sadly, it's author didn't manage to update to a newer version of django before the used version (3.2) reached EOL and was affected by CVE-2024-27351. It's unreasonable to continue using it.
-rw-r--r-- | system/services/etebase/default.nix | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/system/services/etebase/default.nix b/system/services/etebase/default.nix index 65cc435..2d1a740 100644 --- a/system/services/etebase/default.nix +++ b/system/services/etebase/default.nix @@ -1,6 +1,8 @@ {config, ...}: { services.etebase-server = { - enable = true; + # FIXME: etebase uses an insecure database backend + # (django3.2). We should consider alternatives. + enable = false; port = 8001; settings = { global.secret_file = "${config.age.secrets.etebase-server.path}"; |