Unverified Commit 8907c101 authored by Niklas Hambüchen's avatar Niklas Hambüchen Committed by GitHub
Browse files

Merge pull request #309424 from NixOS/ReadWriteDirectories-ReadWritePaths 

nixos/{zoneminder,caddy,traefik}: ReadWriteDirectories -> ReadWritePaths
parents e1b75a40 9d7a7292

nixos/modules/services/misc/zoneminder.nix

+1 −1
Original line number Diff line number Diff line
@@ -350,7 +350,7 @@ in { 
          RestartSec = "10s";

          CacheDirectory = dirs cacheDirs;

          RuntimeDirectory = dirName;

          ReadWriteDirectories = lib.mkIf useCustomDir [ cfg.storageDir ];

          ReadWritePaths = lib.mkIf useCustomDir [ cfg.storageDir ];

          StateDirectory = dirs (lib.optionals (!useCustomDir) libDirs);

          LogsDirectory = dirName;

          PrivateTmp = true;

nixos/modules/services/security/step-ca.nix

+1 −1
Original line number Diff line number Diff line
@@ -107,7 +107,7 @@ in 
          UMask = "0077";

          Environment = "HOME=%S/step-ca";

          WorkingDirectory = ""; # override upstream

          ReadWriteDirectories = ""; # override upstream

          ReadWritePaths = ""; # override upstream



          # LocalCredential handles file permission problems arising from the use of DynamicUser.

          LoadCredential = "intermediate_password:${cfg.intermediatePasswordFile}";

nixos/modules/services/web-servers/caddy/default.nix

+2 −1
Original line number Diff line number Diff line
@@ -360,6 +360,7 @@ in 
      serviceConfig = let

        runOptions = ''--config ${configPath} ${optionalString (cfg.adapter != null) "--adapter ${cfg.adapter}"}'';

      in {

        # Override the `ExecStart` line from upstream's systemd unit file by our own:

        # https://www.freedesktop.org/software/systemd/man/systemd.service.html#ExecStart=

        # If the empty string is assigned to this option, the list of commands to start is reset, prior assignments of this option will have no effect.

        ExecStart = [ "" ''${cfg.package}/bin/caddy run ${runOptions} ${optionalString cfg.resume "--resume"}'' ];
@@ -367,7 +368,7 @@ in 
        ExecReload = [ "" ''${cfg.package}/bin/caddy reload ${runOptions} --force'' ];

        User = cfg.user;

        Group = cfg.group;

        ReadWriteDirectories = cfg.dataDir;

        ReadWritePaths = [ cfg.dataDir ];

        StateDirectory = mkIf (cfg.dataDir == "/var/lib/caddy") [ "caddy" ];

        LogsDirectory = mkIf (cfg.logDir == "/var/log/caddy") [ "caddy" ];

        Restart = "on-failure";

nixos/modules/services/web-servers/traefik.nix

+1 −1
Original line number Diff line number Diff line
@@ -170,7 +170,7 @@ in { 
        PrivateDevices = true;

        ProtectHome = true;

        ProtectSystem = "full";

        ReadWriteDirectories = cfg.dataDir;

        ReadWritePaths = [ cfg.dataDir ];

        RuntimeDirectory = "traefik";

      };

    };