From 81391bd22fe9c33c556563bab062da95ecdc15c0 Mon Sep 17 00:00:00 2001 From: Joris Bolsens Date: Wed, 14 Feb 2024 14:42:02 -0800 Subject: [PATCH] nixos/kubernetes: set k8 home permissions correctly --- nixos/modules/services/cluster/kubernetes/default.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/nixos/modules/services/cluster/kubernetes/default.nix b/nixos/modules/services/cluster/kubernetes/default.nix index 3fb916c76971..a920b6cb1268 100644 --- a/nixos/modules/services/cluster/kubernetes/default.nix +++ b/nixos/modules/services/cluster/kubernetes/default.nix @@ -285,7 +285,7 @@ in { systemd.tmpfiles.rules = [ "d /opt/cni/bin 0755 root root -" "d /run/kubernetes 0755 kubernetes kubernetes -" - "d /var/lib/kubernetes 0755 kubernetes kubernetes -" + "d ${cfg.dataDir} 0755 kubernetes kubernetes -" ]; users.users.kubernetes = { @@ -294,6 +294,7 @@ in { group = "kubernetes"; home = cfg.dataDir; createHome = true; + homeMode = "755"; }; users.groups.kubernetes.gid = config.ids.gids.kubernetes;