diff --git a/lib/fudo/jabber.nix b/lib/fudo/jabber.nix index a048063..3905e76 100644 --- a/lib/fudo/jabber.nix +++ b/lib/fudo/jabber.nix @@ -19,6 +19,8 @@ let }; }; + config-dir = dirOf cfg.config-file; + concatMapAttrs = f: attrs: foldr (a: b: a // b) {} (mapAttrs f attrs); @@ -185,14 +187,7 @@ in { }; }) cfg.sites; - system = let - config-dir = dirOf cfg.config-file; - in { - ensure-directories.${config-dir} = { - user = cfg.user; - perms = "0700"; - }; - + system = { services.ejabberd-config-generator = let config-generator = enter-secrets config-file-template cfg.secret-files cfg.config-file; @@ -212,7 +207,7 @@ in { systemd = { tmpfiles.rules = [ - "D '${dirOf cfg.config-file}' 0550 ${cfg.user} ${cfg.group} - -" + "d '${config-dir}' 0700 ${cfg.user} ${cfg.group} - -'" ]; services = { diff --git a/lib/fudo/kdc.nix b/lib/fudo/kdc.nix index c093080..4f481d8 100644 --- a/lib/fudo/kdc.nix +++ b/lib/fudo/kdc.nix @@ -373,15 +373,11 @@ in { # }; }; - fudo.system = { - ensure-directories = { - "${state-directory}" = { - user = cfg.user; - group = cfg.group; - perms = "0740"; - }; - }; + systemd.tmpfiles.rules = [ + "d ${state-directory} 0740 ${cfg.user} ${cfg.group} - -" + ]; + fudo.system = { services = if master-server then { heimdal-kdc = let diff --git a/lib/fudo/system.nix b/lib/fudo/system.nix index 80fb266..25cf931 100644 --- a/lib/fudo/system.nix +++ b/lib/fudo/system.nix @@ -387,10 +387,6 @@ in { timerConfig = { OnCalendar = opts.onCalendar; }; }) (filterAttrs (name: opts: opts.onCalendar != null) cfg.services); - systemd.tmpfiles.rules = mapAttrsToList - (path: opts: "d ${path} ${opts.perms} ${opts.user} ${opts.group} - -") - cfg.ensure-directories; - systemd.targets.fudo-init = { wantedBy = [ "multi-user.target" ]; }; systemd.services = mapAttrs (name: opts: {