From 0b7305e7830683300fdc9bd3e83000bc9fa2a27b Mon Sep 17 00:00:00 2001 From: Aaron Andersen Date: Sun, 24 Feb 2019 07:57:19 -0500 Subject: [PATCH] nixos/unifi: replace deprecated usage of PermissionsStartOnly see https://github.com/NixOS/nixpkgs/issues/53852 --- nixos/modules/services/networking/unifi.nix | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/nixos/modules/services/networking/unifi.nix b/nixos/modules/services/networking/unifi.nix index c82e0af2803..9057a1e12b3 100644 --- a/nixos/modules/services/networking/unifi.nix +++ b/nixos/modules/services/networking/unifi.nix @@ -146,6 +146,11 @@ in where = where; }) mountPoints; + systemd.tmpfiles.rules = [ + "e '${stateDir}' 0700 unifi - - -" + "e '${stateDir}/data' 0700 unifi - - -" + ]; + systemd.services.unifi = { description = "UniFi controller daemon"; wantedBy = [ "multi-user.target" ]; @@ -157,14 +162,9 @@ in environment.LD_LIBRARY_PATH = with pkgs.stdenv; "${cc.cc.lib}/lib"; preStart = '' - # Ensure privacy of state and data. - chown unifi "${stateDir}" "${stateDir}/data" - chmod 0700 "${stateDir}" "${stateDir}/data" - # Create the volatile webapps rm -rf "${stateDir}/webapps" mkdir -p "${stateDir}/webapps" - chown unifi "${stateDir}/webapps" ln -s "${cfg.unifiPackage}/webapps/ROOT" "${stateDir}/webapps/ROOT" ''; @@ -177,7 +177,6 @@ in ExecStart = "${(removeSuffix "\n" cmd)} start"; ExecStop = "${(removeSuffix "\n" cmd)} stop"; User = "unifi"; - PermissionsStartOnly = true; UMask = "0077"; WorkingDirectory = "${stateDir}"; };