From dc29a45fc9dedef9d93aa9061b2aeb15c8844d5a Mon Sep 17 00:00:00 2001
From: talyz <kim.lindberger@gmail.com>
Date: Wed, 9 Oct 2019 16:12:16 +0200
Subject: [PATCH] nixos/gitlab: Don't print sensitive data to log on startup

gitlab:db:configure prints the root user's password to stdout on
successful setup, which means it will be logged to the
journal. Silence this informational output. Errors are printed to
stderr and will thus still be let through.
---
 nixos/modules/services/misc/gitlab.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nixos/modules/services/misc/gitlab.nix b/nixos/modules/services/misc/gitlab.nix
index 2e840e272883..20b87af23a5a 100644
--- a/nixos/modules/services/misc/gitlab.nix
+++ b/nixos/modules/services/misc/gitlab.nix
@@ -851,7 +851,7 @@ in {
 
             initial_root_password="$(<'${cfg.initialRootPasswordFile}')"
             ${gitlab-rake}/bin/gitlab-rake gitlab:db:configure GITLAB_ROOT_PASSWORD="$initial_root_password" \
-                                                               GITLAB_ROOT_EMAIL='${cfg.initialRootEmail}'
+                                                               GITLAB_ROOT_EMAIL='${cfg.initialRootEmail}' > /dev/null
 
             # We remove potentially broken links to old gitlab-shell versions
             rm -Rf ${cfg.statePath}/repositories/**/*.git/hooks