diff options
author | Graham Christensen <graham@grahamc.com> | 2019-06-25 18:04:22 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-06-25 18:04:22 -0400 |
commit | 38c28ef10c54bf4899d467854e893842cffb4de6 (patch) | |
tree | a4b38800f30b0c9d794715dc1c2c7f193570b011 /nixos/modules/services/misc | |
parent | 880bc93fc0ad44ea5b973e532c338afeb70d2a71 (diff) | |
parent | de6e5ea8152b29c975096d7d4b7d0938874ee37a (diff) | |
download | nixpkgs-38c28ef10c54bf4899d467854e893842cffb4de6.tar nixpkgs-38c28ef10c54bf4899d467854e893842cffb4de6.tar.gz nixpkgs-38c28ef10c54bf4899d467854e893842cffb4de6.tar.bz2 nixpkgs-38c28ef10c54bf4899d467854e893842cffb4de6.tar.lz nixpkgs-38c28ef10c54bf4899d467854e893842cffb4de6.tar.xz nixpkgs-38c28ef10c54bf4899d467854e893842cffb4de6.tar.zst nixpkgs-38c28ef10c54bf4899d467854e893842cffb4de6.zip |
Merge pull request #56265 from aanderse/permissions-start-only
replace deprecated usage of PermissionsStartOnly (part 2)
Diffstat (limited to 'nixos/modules/services/misc')
-rw-r--r-- | nixos/modules/services/misc/apache-kafka.nix | 9 | ||||
-rw-r--r-- | nixos/modules/services/misc/couchpotato.nix | 7 | ||||
-rw-r--r-- | nixos/modules/services/misc/gollum.nix | 15 | ||||
-rw-r--r-- | nixos/modules/services/misc/octoprint.nix | 7 |
4 files changed, 13 insertions, 25 deletions
diff --git a/nixos/modules/services/misc/apache-kafka.nix b/nixos/modules/services/misc/apache-kafka.nix index 363ac4411e1..9eeae955699 100644 --- a/nixos/modules/services/misc/apache-kafka.nix +++ b/nixos/modules/services/misc/apache-kafka.nix @@ -131,6 +131,8 @@ in { home = head cfg.logDirs; }; + systemd.tmpfiles.rules = map (logDir: "d '${logDir} 0700 apache-kafka - - -") cfg.logDirs; + systemd.services.apache-kafka = { description = "Apache Kafka Daemon"; wantedBy = [ "multi-user.target" ]; @@ -145,15 +147,8 @@ in { ${serverConfig} ''; User = "apache-kafka"; - PermissionsStartOnly = true; SuccessExitStatus = "0 143"; }; - preStart = '' - mkdir -m 0700 -p ${concatStringsSep " " cfg.logDirs} - if [ "$(id -u)" = 0 ]; then - chown apache-kafka ${concatStringsSep " " cfg.logDirs}; - fi - ''; }; }; diff --git a/nixos/modules/services/misc/couchpotato.nix b/nixos/modules/services/misc/couchpotato.nix index 70aa895f76d..528af486b41 100644 --- a/nixos/modules/services/misc/couchpotato.nix +++ b/nixos/modules/services/misc/couchpotato.nix @@ -19,16 +19,11 @@ in after = [ "network.target" ]; wantedBy = [ "multi-user.target" ]; - preStart = '' - mkdir -p /var/lib/couchpotato - chown -R couchpotato:couchpotato /var/lib/couchpotato - ''; - serviceConfig = { Type = "simple"; User = "couchpotato"; Group = "couchpotato"; - PermissionsStartOnly = "true"; + StateDirectory = "couchpotato"; ExecStart = "${pkgs.couchpotato}/bin/couchpotato"; Restart = "on-failure"; }; diff --git a/nixos/modules/services/misc/gollum.nix b/nixos/modules/services/misc/gollum.nix index d1823bc6d4d..7653b415bf0 100644 --- a/nixos/modules/services/misc/gollum.nix +++ b/nixos/modules/services/misc/gollum.nix @@ -75,27 +75,24 @@ in users.groups.gollum = { }; + systemd.tmpfiles.rules = [ + "d '${cfg.stateDir}' - ${config.users.users.gollum.name} ${config.users.groups.gollum.name} - -" + ]; + systemd.services.gollum = { description = "Gollum wiki"; after = [ "network.target" ]; wantedBy = [ "multi-user.target" ]; path = [ pkgs.git ]; - preStart = let - userName = config.users.users.gollum.name; - groupName = config.users.groups.gollum.name; - in '' - # All of this is safe to be run on an existing repo - mkdir -p ${cfg.stateDir} + preStart = '' + # This is safe to be run on an existing repo git init ${cfg.stateDir} - chmod 755 ${cfg.stateDir} - chown -R ${userName}:${groupName} ${cfg.stateDir} ''; serviceConfig = { User = config.users.users.gollum.name; Group = config.users.groups.gollum.name; - PermissionsStartOnly = true; ExecStart = '' ${pkgs.gollum}/bin/gollum \ --port ${toString cfg.port} \ diff --git a/nixos/modules/services/misc/octoprint.nix b/nixos/modules/services/misc/octoprint.nix index 52ae25201c3..8950010773c 100644 --- a/nixos/modules/services/misc/octoprint.nix +++ b/nixos/modules/services/misc/octoprint.nix @@ -97,6 +97,10 @@ in gid = config.ids.gids.octoprint; }); + systemd.tmpfiles.rules = [ + "d '${cfg.stateDir}' - ${cfg.user} ${cfg.group} - -" + ]; + systemd.services.octoprint = { description = "OctoPrint, web interface for 3D printers"; wantedBy = [ "multi-user.target" ]; @@ -105,7 +109,6 @@ in environment.PYTHONPATH = makeSearchPathOutput "lib" pkgs.python.sitePackages [ pluginsEnv ]; preStart = '' - mkdir -p "${cfg.stateDir}" if [ -e "${cfg.stateDir}/config.yaml" ]; then ${pkgs.yaml-merge}/bin/yaml-merge "${cfg.stateDir}/config.yaml" "${cfgUpdate}" > "${cfg.stateDir}/config.yaml.tmp" mv "${cfg.stateDir}/config.yaml.tmp" "${cfg.stateDir}/config.yaml" @@ -113,14 +116,12 @@ in cp "${cfgUpdate}" "${cfg.stateDir}/config.yaml" chmod 600 "${cfg.stateDir}/config.yaml" fi - chown -R ${cfg.user}:${cfg.group} "${cfg.stateDir}" ''; serviceConfig = { ExecStart = "${pkgs.octoprint}/bin/octoprint serve -b ${cfg.stateDir}"; User = cfg.user; Group = cfg.group; - PermissionsStartOnly = true; }; }; |