Skip to content
Snippets Groups Projects
Commit ed75f617 authored by Jean-Paul Calderone's avatar Jean-Paul Calderone
Browse files

Pass around the Ristretto signing key *path*

The new version of PaymentServer has incompatible changes that require this.
parent 0da49839
Branches
No related tags found
1 merge request!22Deploy a PaymentServer with CORS
......@@ -26,8 +26,7 @@
services.private-storage-issuer = {
enable = true;
# XXX This should be passed as a path.
ristrettoSigningKey = builtins.readFile (./.. + ristrettoSigningKeyPath);
ristrettoSigningKeyPath = ./.. + ristrettoSigningKeyPath;
stripeSecretKeyPath = ./.. + stripeSecretKeyPath;
database = "SQLite3";
databasePath = "/var/db/vouchers.sqlite3";
......
......@@ -41,12 +41,12 @@ in {
algorithm or Ristretto for Ristretto-flavored PrivacyPass.
'';
};
services.private-storage-issuer.ristrettoSigningKey = lib.mkOption {
services.private-storage-issuer.ristrettoSigningKeyPath = lib.mkOption {
default = null;
type = lib.types.str;
type = lib.types.path;
description = ''
The Ristretto signing key to use. Required if the issuer is
``Ristretto``.
The path to a file containing the Ristretto signing key to use.
Required if the issuer is ``Ristretto``.
'';
};
services.private-storage-issuer.stripeSecretKeyPath = lib.mkOption {
......@@ -116,7 +116,7 @@ in {
issuerArgs =
if cfg.issuer == "Trivial"
then "--issuer Trivial"
else "--issuer Ristretto --signing-key ${cfg.ristrettoSigningKey}";
else "--issuer Ristretto --signing-key-path ${cfg.ristrettoSigningKeyPath}";
databaseArgs =
if cfg.database == "Memory"
then "--database Memory"
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment