diff options
author | stuebinm | 2021-02-18 15:51:08 +0100 |
---|---|---|
committer | stuebinm | 2021-02-18 15:51:08 +0100 |
commit | bfae9d9bfa90a0189d943ca865fa046f510b9922 (patch) | |
tree | a4acce736d20be7cb9694a3a8fe860bd06224adc | |
parent | 8788bba867874725439a76dc94891e4438568650 (diff) |
Safer option injection to build scripts
Nix isn't very typesafe, but apparently there is at least a `escapeShellArg`
function which makes things safe for shell execution.
Diffstat (limited to '')
-rw-r--r-- | front/default.nix | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/front/default.nix b/front/default.nix index dc3f115..5385de3 100644 --- a/front/default.nix +++ b/front/default.nix @@ -86,8 +86,8 @@ in replace-literal -efsr '"@types/quill": "^1.3.7",' ' '; replace-literal -efsr '"quill": "^1.3.7",' ' '; '' - + (if envVars ? DEFAULT_MAP_URL then ''replace-literal -efs -r -x .ts "/Floor0/floor0.json" "${envVars.DEFAULT_MAP_URL}";'' else "") - + (if envVars ? STUN_SERVER then ''replace-literal -efs -r -x .ts "stun:stun.l.google.com:19302" "${envVars.STUN_SERVER}";'' else ""); + + (if envVars ? DEFAULT_MAP_URL then ''replace-literal -efs -r -x .ts "/Floor0/floor0.json" ${lib.escapeShellArg envVars.DEFAULT_MAP_URL};'' else "") + + (if envVars ? STUN_SERVER then ''replace-literal -efs -r -x .ts "stun:stun.l.google.com:19302" ${lib.escapeShellArg envVars.STUN_SERVER};'' else ""); buildPhase = '' mkdir -p $out |