From ea1eb4ee0fa44dd4cd37e8ece2634370d1c2b0d2 Mon Sep 17 00:00:00 2001
From: Marek Beyer <101728675+mbey-mw@users.noreply.github.com>
Date: Thu, 28 Sep 2023 13:48:56 +0200
Subject: nixos/nginx: add systemd-tmpfiles exclusion of temporary directories

Directories used by nginx in the tmp path are only created upon startup and
must not be deleted while nginx is running.
---
 nixos/modules/services/web-servers/nginx/default.nix | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'nixos')

diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix
index 62e0a8940e2..955d6e19064 100644
--- a/nixos/modules/services/web-servers/nginx/default.nix
+++ b/nixos/modules/services/web-servers/nginx/default.nix
@@ -1340,6 +1340,11 @@ in
       nginx.gid = config.ids.gids.nginx;
     };
 
+    # do not delete the default temp directories created upon nginx startup
+    systemd.tmpfiles.rules = [
+      "X /tmp/systemd-private-%b-nginx.service-*/tmp/nginx_*"
+    ];
+
     services.logrotate.settings.nginx = mapAttrs (_: mkDefault) {
       files = "/var/log/nginx/*.log";
       frequency = "weekly";
-- 
cgit 1.4.1