From 62db72e49fc292f302ce78e9c9d6472fa156e0f3 Mon Sep 17 00:00:00 2001
From: Hilton Chain <hako@ultrarare.space>
Date: Sat, 29 Jul 2023 18:59:31 +0800
Subject: [PATCH] services: cloudflare-tunnel: Set token in environment
 variable.

* rosenthal/services/child-error.scm (cloudflare-tunnel-shepherd-service)
[start]<#:environment-variables>: Set token here to avoid seeing it in `ps'.
---
 rosenthal/services/child-error.scm | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/rosenthal/services/child-error.scm b/rosenthal/services/child-error.scm
index bf6ad1b..b66c581 100644
--- a/rosenthal/services/child-error.scm
+++ b/rosenthal/services/child-error.scm
@@ -170,7 +170,6 @@ headers.  This can expose sensitive information in your logs.")
                             #$@extra-tunnel-options
 
                             "run"
-                            "--token" #$token
                             #$@(if http2-origin?
                                    '("--http2-origin")
                                    '())
@@ -180,7 +179,9 @@ headers.  This can expose sensitive information in your logs.")
                             #$@extra-options)
                       #:user "nobody"
                       #:group "nogroup"
-                      #:log-file #$log-file))
+                      #:log-file #$log-file
+                      #:environment-variables
+                      (list (format #f "TUNNEL_TOKEN=~a" #$token))))
             (stop #~(make-kill-destructor)))))))
 
 (define cloudflare-tunnel-service-type