diff options
author | Aneesh Agrawal <aneeshusa@gmail.com> | 2022-01-02 04:07:11 -0500 |
---|---|---|
committer | Aneesh Agrawal <aneeshusa@gmail.com> | 2022-01-02 21:13:07 -0500 |
commit | 8729e8e26102554a235b53c9e327b0ca6ebea8bb (patch) | |
tree | 2056b64825000c067490ae0269007b6b747a0600 /nixos/modules/services/backup | |
parent | 4bc4c7f1a0c4df808c3e7f0953dd780f6b8a0dd5 (diff) | |
download | nixpkgs-8729e8e26102554a235b53c9e327b0ca6ebea8bb.tar nixpkgs-8729e8e26102554a235b53c9e327b0ca6ebea8bb.tar.gz nixpkgs-8729e8e26102554a235b53c9e327b0ca6ebea8bb.tar.bz2 nixpkgs-8729e8e26102554a235b53c9e327b0ca6ebea8bb.tar.lz nixpkgs-8729e8e26102554a235b53c9e327b0ca6ebea8bb.tar.xz nixpkgs-8729e8e26102554a235b53c9e327b0ca6ebea8bb.tar.zst nixpkgs-8729e8e26102554a235b53c9e327b0ca6ebea8bb.zip |
nixos/restic-rest-server: Autocreate empty .htpasswd if needed for service boot
When `privateRepos = true`, the service will not start if the `.htpasswd` does not exist. Use `systemd-tmpfiles` to autocreate an (empty) file to ensure the service can boot before actual `htpasswd` contents are registered. This is safe as restic-rest-server will deny all entry if the file is empty.
Diffstat (limited to 'nixos/modules/services/backup')
-rw-r--r-- | nixos/modules/services/backup/restic-rest-server.nix | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/nixos/modules/services/backup/restic-rest-server.nix b/nixos/modules/services/backup/restic-rest-server.nix index 86744637f85..4717119f178 100644 --- a/nixos/modules/services/backup/restic-rest-server.nix +++ b/nixos/modules/services/backup/restic-rest-server.nix @@ -95,6 +95,10 @@ in }; }; + systemd.tmpfiles.rules = mkIf cfg.privateRepos [ + "f ${cfg.dataDir}/.htpasswd 0700 restic restic -" + ]; + users.users.restic = { group = "restic"; home = cfg.dataDir; |