From c737bed42f73f3ee1be576f5f739d4fc3d713f40 Mon Sep 17 00:00:00 2001 From: MaxHearnden Date: Wed, 19 Oct 2022 16:24:01 +0100 Subject: [PATCH] Fix insecure advice in the manual Bring the manual in line with the configuration documentation --- doc/manual/src/projects.md | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/doc/manual/src/projects.md b/doc/manual/src/projects.md index 95174f1b..a399406d 100644 --- a/doc/manual/src/projects.md +++ b/doc/manual/src/projects.md @@ -378,13 +378,18 @@ This section describes how it can be implemented for `gitea`, but the approach f analogous: * [Obtain an API token for your user](https://docs.gitea.io/en-us/api-usage/#authentication) -* Add it to your `hydra.conf` like this: +* Add it to a file which only users in the hydra group can read like this: see [including files](configuration.md#including-files) for more information + ``` + + your_username=your_token + + ``` + +* Include the file in your `hydra.conf` like this: ``` nix { services.hydra-dev.extraConfig = '' - - your_username=your_token - + Include /path/to/secret/file ''; } ```