Commit 04967c30 authored by Shiva Kaul's avatar Shiva Kaul Committed by tomf
Browse files

nixos/spiped: remove broken chmod's from preStart 

Remove `chmod`s which were (1) broken and (2) no longer considered good Nix practice.
parent dc53c7ec

nixos/modules/services/networking/spiped.nix

+5 −15
Original line number Diff line number Diff line
@@ -62,11 +62,11 @@ in 
              keyfile = mkOption {

                type    = types.path;

                description = ''

                  Name of a file containing the spiped key. As the

                  daemon runs as the `spiped` user, the

                  key file must be somewhere owned by that user. By

                  default, we recommend putting the keys for any spipe

                  services in `/var/lib/spiped`.

                  Name of a file containing the spiped key.

                  As the daemon runs as the `spiped` user,

                  the key file must be readable by that user.

                  To securely manage the file within your configuration

                  consider a tool such as agenix or sops-nix.

                '';

              };
@@ -185,22 +185,12 @@ in 
      serviceConfig = {

        Restart   = "always";

        User      = "spiped";

        PermissionsStartOnly = true;

      };



      preStart  = ''

        cd /var/lib/spiped

        chmod -R 0660 *

        chown -R spiped:spiped *

      '';

      scriptArgs = "%i";

      script = "exec ${pkgs.spiped}/bin/spiped -F `cat /etc/spiped/$1.spec`";

    };



    systemd.tmpfiles.rules = lib.mkIf (cfg.config != { }) [

      "d /var/lib/spiped -"

    ];



    # Setup spiped config files

    environment.etc = mapAttrs' (name: cfg: nameValuePair "spiped/${name}.spec"

      { text = concatStringsSep " "