docuseal: init on caliban#1063
Conversation
| # <<< TODO: upstream this to nixpkgs if it's still needed >>> | ||
| # Found this on <https://github.com/Lassulus/superconfig/blob/68e5ec9431675bfb663339c030f4c46fc5c1b516/2configs/docuseal.nix#L31-L33> | ||
| # <<< # relax syscall filter — Rails/Ruby needs more syscalls than the default allows | ||
| # <<< SystemCallFilter = pkgs.lib.mkForce [ ]; | ||
| # <<< SystemCallArchitectures = pkgs.lib.mkForce ""; |
There was a problem hiding this comment.
@Lassulus, can you provide any info on this? Should this be upstreamed to the docuseal nixos module?
There was a problem hiding this comment.
No, they should not be forced to an empty list.
There was a problem hiding this comment.
noo, I was just lazy and time constrained
There was a problem hiding this comment.
@Lassulus, do you remember what you ran into? I've uploaded documents, sent emails, added signatures all without relaxing these.
This completes NixOS#972
| # Keep this in sync with <../secrets/docuseal-noreply-email-login.umbriel>. | ||
| sopsFile = ../secrets/docuseal-noreply-email-login.caliban; |
There was a problem hiding this comment.
This is just a copy of the secret used on umbriel to configure the SMTP account. To avoid duplicating it, I could tweak https://github.com/NixOS/infra/blob/main/non-critical-infra/.sops.yaml somehow to allow for secrets accessible by both umbriel and caliban.
Guidance appreciated.
imincik
left a comment
imincik
left a comment
There was a problem hiding this comment.
Configuration looks OK and is very similar to what I have for https://docuseal.imincik.app/
5 participants
Draft because I'm currently deploying to umbriel and testing it out before I try setting up SMTP.
This completes #972