diff options
| author | Graham Christensen <graham@grahamc.com> | 2019-06-25 18:04:22 -0400 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-06-25 18:04:22 -0400 |
| commit | 38c28ef10c54bf4899d467854e893842cffb4de6 (patch) | |
| tree | a4b38800f30b0c9d794715dc1c2c7f193570b011 /nixos/modules/services/networking/unifi.nix | |
| parent | 880bc93fc0ad44ea5b973e532c338afeb70d2a71 (diff) | |
| parent | de6e5ea8152b29c975096d7d4b7d0938874ee37a (diff) | |
| download | nixpkgs-38c28ef10c54bf4899d467854e893842cffb4de6.tar nixpkgs-38c28ef10c54bf4899d467854e893842cffb4de6.tar.gz nixpkgs-38c28ef10c54bf4899d467854e893842cffb4de6.tar.bz2 nixpkgs-38c28ef10c54bf4899d467854e893842cffb4de6.tar.lz nixpkgs-38c28ef10c54bf4899d467854e893842cffb4de6.tar.xz nixpkgs-38c28ef10c54bf4899d467854e893842cffb4de6.tar.zst nixpkgs-38c28ef10c54bf4899d467854e893842cffb4de6.zip | |
Merge pull request #56265 from aanderse/permissions-start-only
replace deprecated usage of PermissionsStartOnly (part 2)
Diffstat (limited to 'nixos/modules/services/networking/unifi.nix')
| -rw-r--r-- | nixos/modules/services/networking/unifi.nix | 11 |
1 files changed, 5 insertions, 6 deletions
diff --git a/nixos/modules/services/networking/unifi.nix b/nixos/modules/services/networking/unifi.nix index c82e0af2803..9057a1e12b3 100644 --- a/nixos/modules/services/networking/unifi.nix +++ b/nixos/modules/services/networking/unifi.nix @@ -146,6 +146,11 @@ in where = where; }) mountPoints; + systemd.tmpfiles.rules = [ + "e '${stateDir}' 0700 unifi - - -" + "e '${stateDir}/data' 0700 unifi - - -" + ]; + systemd.services.unifi = { description = "UniFi controller daemon"; wantedBy = [ "multi-user.target" ]; @@ -157,14 +162,9 @@ in environment.LD_LIBRARY_PATH = with pkgs.stdenv; "${cc.cc.lib}/lib"; preStart = '' - # Ensure privacy of state and data. - chown unifi "${stateDir}" "${stateDir}/data" - chmod 0700 "${stateDir}" "${stateDir}/data" - # Create the volatile webapps rm -rf "${stateDir}/webapps" mkdir -p "${stateDir}/webapps" - chown unifi "${stateDir}/webapps" ln -s "${cfg.unifiPackage}/webapps/ROOT" "${stateDir}/webapps/ROOT" ''; @@ -177,7 +177,6 @@ in ExecStart = "${(removeSuffix "\n" cmd)} start"; ExecStop = "${(removeSuffix "\n" cmd)} stop"; User = "unifi"; - PermissionsStartOnly = true; UMask = "0077"; WorkingDirectory = "${stateDir}"; }; |