nixos/pretalx: fix state directory mode

The state directory contains static files that need to be accessible by
a webserver, but homeMode defaults to 0750 and switching the generation
will always force the homeMode, thereby breaking access to the assets.

Instead, fully rely on systemd to provide the StateDirectory with the
correct mode.
This commit is contained in:
Martin Weinelt 2024-05-09 16:13:13 +02:00
parent a4193dba8f
commit b4b3165619
No known key found for this signature in database
GPG key ID: 87C1E9888F856759

View file

@ -329,7 +329,11 @@ in
serviceConfig = { serviceConfig = {
User = "pretalx"; User = "pretalx";
Group = "pretalx"; Group = "pretalx";
StateDirectory = [ "pretalx" "pretalx/media" ]; StateDirectory = [
"pretalx"
"pretalx/media"
];
StateDirectoryMode = "0750";
LogsDirectory = "pretalx"; LogsDirectory = "pretalx";
WorkingDirectory = cfg.settings.filesystem.data; WorkingDirectory = cfg.settings.filesystem.data;
SupplementaryGroups = [ "redis-pretalx" ]; SupplementaryGroups = [ "redis-pretalx" ];
@ -403,11 +407,9 @@ in
}; };
users = { users = {
groups."${cfg.group}" = {}; groups.${cfg.group} = {};
users."${cfg.user}" = { users.${cfg.user} = {
isSystemUser = true; isSystemUser = true;
createHome = true;
home = cfg.settings.filesystem.data;
inherit (cfg) group; inherit (cfg) group;
}; };
}; };