localtime: use upstream unit and fix polkit rule installation
Also don't allocate a user - the upstream unit uses DynamicUser.
This commit is contained in:
parent
66da10e80f
commit
0073c1fb0b
|
@ -22,33 +22,16 @@ in {
|
|||
config = mkIf cfg.enable {
|
||||
services.geoclue2.enable = true;
|
||||
|
||||
# so polkit will pick up the rules
|
||||
environment.systemPackages = [ pkgs.localtime ];
|
||||
|
||||
users.users = [{
|
||||
name = "localtimed";
|
||||
description = "Taskserver user";
|
||||
}];
|
||||
# We use the 'out' output, since localtime has its 'bin' output
|
||||
# first, so that is what we get if we use the derivation bare.
|
||||
# Install the polkit rules.
|
||||
environment.systemPackages = [ pkgs.localtime.out ];
|
||||
# Install the systemd unit.
|
||||
systemd.packages = [ pkgs.localtime.out ];
|
||||
|
||||
systemd.services.localtime = {
|
||||
description = "localtime service";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
partOf = [ "geoclue.service "];
|
||||
|
||||
serviceConfig = {
|
||||
Restart = "on-failure";
|
||||
# TODO: make it work with dbus
|
||||
#DynamicUser = true;
|
||||
Nice = 10;
|
||||
User = "localtimed";
|
||||
PrivateTmp = "yes";
|
||||
PrivateDevices = true;
|
||||
PrivateNetwork = "yes";
|
||||
NoNewPrivileges = "yes";
|
||||
ProtectSystem = "strict";
|
||||
ProtectHome = true;
|
||||
ExecStart = "${pkgs.localtime}/bin/localtimed";
|
||||
};
|
||||
serviceConfig.Restart = "on-failure";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
|
|
@ -13,7 +13,10 @@ buildGoPackage rec {
|
|||
|
||||
buildInputs = [ m4 ];
|
||||
|
||||
makeFlags = [ "PREFIX=$(out)" "BINDIR=$(bin)/bin" ];
|
||||
makeFlags = [
|
||||
"PREFIX=${placeholder "out"}"
|
||||
"BINDIR=${placeholder "bin"}/bin"
|
||||
];
|
||||
|
||||
buildPhase = ''
|
||||
cd go/src/${goPackagePath}
|
||||
|
|
Loading…
Reference in New Issue