From b4b316561944d9916be8c40bcd70a7dc672ca067 Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Thu, 9 May 2024 16:13:13 +0200 Subject: [PATCH] nixos/pretalx: fix state directory mode The state directory contains static files that need to be accessible by a webserver, but homeMode defaults to 0750 and switching the generation will always force the homeMode, thereby breaking access to the assets. Instead, fully rely on systemd to provide the StateDirectory with the correct mode. --- nixos/modules/services/web-apps/pretalx.nix | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/nixos/modules/services/web-apps/pretalx.nix b/nixos/modules/services/web-apps/pretalx.nix index b062a8b7eeea..e0ce6e72e1b5 100644 --- a/nixos/modules/services/web-apps/pretalx.nix +++ b/nixos/modules/services/web-apps/pretalx.nix @@ -329,7 +329,11 @@ in serviceConfig = { User = "pretalx"; Group = "pretalx"; - StateDirectory = [ "pretalx" "pretalx/media" ]; + StateDirectory = [ + "pretalx" + "pretalx/media" + ]; + StateDirectoryMode = "0750"; LogsDirectory = "pretalx"; WorkingDirectory = cfg.settings.filesystem.data; SupplementaryGroups = [ "redis-pretalx" ]; @@ -403,11 +407,9 @@ in }; users = { - groups."${cfg.group}" = {}; - users."${cfg.user}" = { + groups.${cfg.group} = {}; + users.${cfg.user} = { isSystemUser = true; - createHome = true; - home = cfg.settings.filesystem.data; inherit (cfg) group; }; };