Unverified Commit 722e9df2 authored by Julian Schacher's avatar Julian Schacher
Browse files

nixos/matrix-synapse: add media_store_path to services ReadWritePaths 

Currently, when setting a custom media_store_path, which lies outside of
cfg.dataDir, the current ReadWritePaths make it so that Synapse can't
access the media_store_path. So add the media_store_path to
ReadWritePaths to fix that.
parent 7ae73645

nixos/modules/services/matrix/synapse.nix

+1 −1
Original line number Diff line number Diff line
@@ -1070,7 +1070,7 @@ in { 
            ProtectKernelTunables = true;

            ProtectProc = "invisible";

            ProtectSystem = "strict";

            ReadWritePaths = [ cfg.dataDir ];

            ReadWritePaths = [ cfg.dataDir cfg.settings.media_store_path ];

            RemoveIPC = true;

            RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" ];

            RestrictNamespaces = true;