htpasswd -> mkpasswd

2024-11-11 11:29:17 +05:00 · 2022-11-27 19:14:22 +00:00 · 2022-11-27 19:14:22 +00:00 · a40e9c3abb
commit a40e9c3abb
parent 004c229ca4
8 changed files with 22 additions and 22 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -3,11 +3,11 @@ hydra-pr:
    - merge_requests
  image: nixos/nix
  script:
-    - nix --extra-experimental-features nix-command run -f channel:nixos-unstable hydra-cli -- -H https://hydra.nix-community.org jobset-wait simple-nixos-mailserver ${CI_MERGE_REQUEST_IID}
+    - nix-shell -I nixpkgs=channel:nixos-unstable -p hydra-cli --run 'hydra-cli -H https://hydra.nix-community.org jobset-wait simple-nixos-mailserver ${CI_MERGE_REQUEST_IID}'

 hydra-master:
  only:
    - master
  image: nixos/nix
  script:
-    - nix --extra-experimental-features nix-command run -f channel:nixos-unstable hydra-cli -- -H https://hydra.nix-community.org jobset-wait simple-nixos-mailserver master
+    - nix-shell -I nixpkgs=channel:nixos-unstable -p hydra-cli --run 'hydra-cli -H https://hydra.nix-community.org jobset-wait simple-nixos-mailserver master'
--- a/README.md
+++ b/README.md
@ -96,7 +96,7 @@ D9FE 4119 F082 6F15 93BD  BD36 6162 DBA5 635E A16A
       domains = [ "example.com" "example2.com" ];
       loginAccounts = {
           "user1@example.com" = {
-               # nix run nixpkgs.apacheHttpd -c htpasswd -nbB "" "super secret password" | cut -d: -f2 > /hashed/password/file/location
+               # nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt' > /hashed/password/file/location
               hashedPasswordFile = "/hashed/password/file/location";

               aliases = [
--- a/default.nix
+++ b/default.nix
@ -72,10 +72,10 @@ in
            default = null;
            example = "$6$evQJs5CFQyPAW09S$Cn99Y8.QjZ2IBnSu4qf1vBxDRWkaIZWOtmu1Ddsm3.H3CFpeVc0JU4llIq8HQXgeatvYhh5O33eWG3TSpjzu6/";
            description = ''
-              The user's hashed password. Use `htpasswd` as follows
+              The user's hashed password. Use `mkpasswd` as follows

              ```
-              nix run nixpkgs.apacheHttpd -c htpasswd -nbB "" "super secret password" | cut -d: -f2
+              nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt'
              ```

              Warning: this is stored in plaintext in the Nix store!
@ -88,10 +88,10 @@ in
            default = null;
            example = "/run/keys/user1-passwordhash";
            description = ''
-              A file containing the user's hashed password. Use `htpasswd` as follows
+              A file containing the user's hashed password. Use `mkpasswd` as follows

              ```
-              nix run nixpkgs.apacheHttpd -c htpasswd -nbB "" "super secret password" | cut -d: -f2
+              nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt'
              ```
            '';
          };
@ -184,11 +184,11 @@ in
      };
      description = ''
        The login account of the domain. Every account is mapped to a unix user,
-        e.g. `user1@example.com`. To generate the passwords use `htpasswd` as
+        e.g. `user1@example.com`. To generate the passwords use `mkpasswd` as
        follows

        ```
-        nix run nixpkgs.apacheHttpd -c htpasswd -nbB "" "super secret password" | cut -d: -f2
+        nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt'
        ```
      '';
      default = {};
--- a/docs/add-radicale.rst
+++ b/docs/add-radicale.rst
@ -4,8 +4,8 @@ Add Radicale
 Configuration by @dotlambda

 Starting with Radicale 3 (first introduced in NixOS 20.09) the traditional
-crypt passwords, as generated by `mkpasswd`, are no longer supported.  Instead
-bcrypt passwords have to be used which can be generated using `htpasswd`.
+crypt passwords are no longer supported.  Instead bcrypt passwords
+have to be used. These can still be generated using `mkpasswd -m bcrypt`.

 .. code:: nix

--- a/docs/options.rst
+++ b/docs/options.rst
@ -458,11 +458,11 @@ mailserver.loginAccounts
 ------------------------

 The login account of the domain. Every account is mapped to a unix user,
-e.g. `user1@example.com`. To generate the passwords use `htpasswd` as
+e.g. `user1@example.com`. To generate the passwords use `mkpasswd` as
 follows

 ```
-nix run nixpkgs.apacheHttpd -c htpasswd -nbB "" "super secret password" | cut -d: -f2
+nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt'
 ```


@ -496,10 +496,10 @@ Note: Does not allow sending from all addresses of these domains.
 mailserver.loginAccounts.<name>.hashedPassword
 ----------------------------------------------

-The user's hashed password. Use `htpasswd` as follows
+The user's hashed password. Use `mkpasswd` as follows

 ```
-nix run nixpkgs.apacheHttpd -c htpasswd -nbB "" "super secret password" | cut -d: -f2
+nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt'
 ```

 Warning: this is stored in plaintext in the Nix store!
@ -513,10 +513,10 @@ Use `hashedPasswordFile` instead.
 mailserver.loginAccounts.<name>.hashedPasswordFile
 --------------------------------------------------

-A file containing the user's hashed password. Use `htpasswd` as follows
+A file containing the user's hashed password. Use `mkpasswd` as follows

 ```
-nix run nixpkgs.apacheHttpd -c htpasswd -nbB "" "super secret password" | cut -d: -f2
+nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt'
 ```


--- a/docs/setup-guide.rst
+++ b/docs/setup-guide.rst
@ -70,7 +70,7 @@ these should be the most common ones.
       domains = [ "example.com" ];

       # A list of all login accounts. To create the password hashes, use
-       # nix run nixpkgs.apacheHttpd -c htpasswd -nbB "" "super secret password" | cut -d: -f2
+       # nix-shell -p mkpasswd --run 'mkpasswd -sm bcrypt'
       loginAccounts = {
           "user1@example.com" = {
               hashedPasswordFile = "/a/file/containing/a/hashed/password";
--- a/tests/internal.nix
+++ b/tests/internal.nix
@ -29,8 +29,8 @@ let

  hashPassword = password: pkgs.runCommand
    "password-${password}-hashed"
-    { buildInputs = [ pkgs.apacheHttpd ]; } ''
-      htpasswd -nbB "" "${password}" | cut -d: -f2 > $out
+    { buildInputs = [ pkgs.mkpasswd ]; inherit password; } ''
+      mkpasswd -sm bcrypt <<<"$password" > $out
    '';

  hashedPasswordFile = hashPassword "my-password";
--- a/tests/multiple.nix
+++ b/tests/multiple.nix
@ -5,9 +5,9 @@
 let
    hashPassword = password: pkgs.runCommand
      "password-${password}-hashed"
-      { buildInputs = [ pkgs.apacheHttpd ]; }
+      { buildInputs = [ pkgs.mkpasswd ]; inherit password; }
      ''
-        htpasswd -nbB "" "${password}" | cut -d: -f2 > $out
+        mkpasswd -sm bcrypt <<<"$password" > $out
      '';

    password = pkgs.writeText "password" "password";