From 8ba0e155d3cf45487329e0a6def2409cd9afc6f0 Mon Sep 17 00:00:00 2001
From: niten <niten@fudo.org>
Date: Sat, 6 Jan 2024 11:06:05 -0800
Subject: [PATCH] Put launcher in script

---
 lib/fudo/auth/kerberos/kdc.nix | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/lib/fudo/auth/kerberos/kdc.nix b/lib/fudo/auth/kerberos/kdc.nix
index cfab16a..a2dd21e 100644
--- a/lib/fudo/auth/kerberos/kdc.nix
+++ b/lib/fudo/auth/kerberos/kdc.nix
@@ -326,16 +326,17 @@ let
                 LimitNOFILE = 4096;
                 User = cfg.user;
                 Group = cfg.group;
-                Restart =
-                  "never"; # Server will retry -- this results in stacking
+                # Server will retry -- this results in stacking
+                Restart = "never";
                 AmbientCapabilities = "CAP_NET_BIND_SERVICE";
                 SecureBits = "keep-caps";
                 ReadWritePaths = [ "${dirOf cfg.kdc.database}" ];
-                ExecStart = concatStringsSep " " [
-                  "${pkgs.heimdal}/libexec/heimdal/hpropd"
-                  "--database=sqlite:${cfg.kdc.database}"
-                  "--keytab=${cfg.kdc.secondary.keytabs.hpropd}"
-                ];
+                ExecStart = writeShellScript "launch-heimdal-hpropd.sh"
+                  (concatStringsSep " " [
+                    "${pkgs.heimdal}/libexec/heimdal/hpropd"
+                    "--database=sqlite:${cfg.kdc.database}"
+                    "--keytab=${cfg.kdc.secondary.keytabs.hpropd}"
+                  ]);
               };
               unitConfig.ConditionPathExists =
                 [ cfg.kdc.database cfg.kdc.secondary.keytabs.hpropd ];