nixos/matrix-synapse: add media_store_path to services ReadWritePaths

Currently, when setting a custom media_store_path, which lies outside of
cfg.dataDir, the current ReadWritePaths make it so that Synapse can't
access the media_store_path. So add the media_store_path to
ReadWritePaths to fix that.
This commit is contained in:
Julian Schacher 2023-10-09 02:27:05 +02:00
parent 7ae736453e
commit 722e9df2fb
No known key found for this signature in database
GPG key ID: 094C2AC34192FA11

View file

@ -1070,7 +1070,7 @@ in {
ProtectKernelTunables = true; ProtectKernelTunables = true;
ProtectProc = "invisible"; ProtectProc = "invisible";
ProtectSystem = "strict"; ProtectSystem = "strict";
ReadWritePaths = [ cfg.dataDir ]; ReadWritePaths = [ cfg.dataDir cfg.settings.media_store_path ];
RemoveIPC = true; RemoveIPC = true;
RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" ]; RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" ];
RestrictNamespaces = true; RestrictNamespaces = true;