Loading nixos/modules/services/networking/nsd.nix +5 −13 Original line number Diff line number Diff line Loading @@ -152,9 +152,7 @@ let copyKeys = concatStrings (mapAttrsToList (keyName: keyOptions: '' secret=$(cat "${keyOptions.keyFile}") dest="${stateDir}/private/${keyName}" echo " secret: \"$secret\"" > "$dest" chown ${username}:${username} "$dest" chmod 0400 "$dest" install -m 0400 -o "${username}" -g "${username}" <(echo " secret: \"$secret\"") "$dest" '') cfg.keys); Loading Loading @@ -447,9 +445,7 @@ let dnssecTools = pkgs.bind.override { enablePython = true; }; signZones = optionalString dnssec '' mkdir -p ${stateDir}/dnssec chown ${username}:${username} ${stateDir}/dnssec chmod 0600 ${stateDir}/dnssec install -m 0600 -o "${username}" -g "${username}" -d "${stateDir}/dnssec" ${concatStrings (mapAttrsToList signZone dnssecZones)} ''; Loading Loading @@ -940,9 +936,9 @@ in rm -Rf "${stateDir}/private/" rm -Rf "${stateDir}/tmp/" mkdir -m 0700 -p "${stateDir}/private" mkdir -m 0700 -p "${stateDir}/tmp" mkdir -m 0700 -p "${stateDir}/var" install -dm 0700 -o "${username}" -g "${username}" "${stateDir}/private" install -dm 0700 -o "${username}" -g "${username}" "${stateDir}/tmp" install -dm 0700 -o "${username}" -g "${username}" "${stateDir}/var" cat > "${stateDir}/don't touch anything in here" << EOF Everything in this directory except NSD's state in var and dnssec Loading @@ -950,10 +946,6 @@ in the nsd.service pre-start script. EOF chown ${username}:${username} -R "${stateDir}/private" chown ${username}:${username} -R "${stateDir}/tmp" chown ${username}:${username} -R "${stateDir}/var" rm -rf "${stateDir}/zones" cp -rL "${nsdEnv}/zones" "${stateDir}/zones" Loading Loading
nixos/modules/services/networking/nsd.nix +5 −13 Original line number Diff line number Diff line Loading @@ -152,9 +152,7 @@ let copyKeys = concatStrings (mapAttrsToList (keyName: keyOptions: '' secret=$(cat "${keyOptions.keyFile}") dest="${stateDir}/private/${keyName}" echo " secret: \"$secret\"" > "$dest" chown ${username}:${username} "$dest" chmod 0400 "$dest" install -m 0400 -o "${username}" -g "${username}" <(echo " secret: \"$secret\"") "$dest" '') cfg.keys); Loading Loading @@ -447,9 +445,7 @@ let dnssecTools = pkgs.bind.override { enablePython = true; }; signZones = optionalString dnssec '' mkdir -p ${stateDir}/dnssec chown ${username}:${username} ${stateDir}/dnssec chmod 0600 ${stateDir}/dnssec install -m 0600 -o "${username}" -g "${username}" -d "${stateDir}/dnssec" ${concatStrings (mapAttrsToList signZone dnssecZones)} ''; Loading Loading @@ -940,9 +936,9 @@ in rm -Rf "${stateDir}/private/" rm -Rf "${stateDir}/tmp/" mkdir -m 0700 -p "${stateDir}/private" mkdir -m 0700 -p "${stateDir}/tmp" mkdir -m 0700 -p "${stateDir}/var" install -dm 0700 -o "${username}" -g "${username}" "${stateDir}/private" install -dm 0700 -o "${username}" -g "${username}" "${stateDir}/tmp" install -dm 0700 -o "${username}" -g "${username}" "${stateDir}/var" cat > "${stateDir}/don't touch anything in here" << EOF Everything in this directory except NSD's state in var and dnssec Loading @@ -950,10 +946,6 @@ in the nsd.service pre-start script. EOF chown ${username}:${username} -R "${stateDir}/private" chown ${username}:${username} -R "${stateDir}/tmp" chown ${username}:${username} -R "${stateDir}/var" rm -rf "${stateDir}/zones" cp -rL "${nsdEnv}/zones" "${stateDir}/zones" Loading
