diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix
index bf8365e3464..3f349dda4d3 100644
--- a/nixos/modules/misc/ids.nix
+++ b/nixos/modules/misc/ids.nix
@@ -273,6 +273,7 @@
jenkins = 109;
systemd-journal-gateway = 110;
notbit = 111;
+ btsync = 113;
monetdb = 115;
foundationdb = 118;
newrelic = 119;
diff --git a/nixos/modules/services/networking/btsync.nix b/nixos/modules/services/networking/btsync.nix
index 7ddc9e1045e..34bddf90873 100644
--- a/nixos/modules/services/networking/btsync.nix
+++ b/nixos/modules/services/networking/btsync.nix
@@ -88,7 +88,7 @@ in
use systemctl start btsync@user to start
the daemon only for user user, using the
configuration file located at
- $HOME/.config/btsync.conf
+ $HOME/.config/btsync.conf.
'';
};
@@ -223,6 +223,21 @@ in
--generate-secret. Note that this secret will be
put inside the Nix store, so it is realistically not very
secret.
+
+ If you would like to be able to modify the contents of this
+ directories, it is recommended that you make your user a
+ member of the btsync group.
+
+ Directories in this list should be in the
+ btsync group, and that group must have
+ write access to the directory. It is also recommended that
+ chmod g+s is applied to the directory
+ so that any sub directories created will also belong to
+ the btsync group. Also,
+ setfacl -d -m group:btsync:rwx and
+ setfacl -m group:btsync:rwx should also
+ be applied so that the sub directories are writable by
+ the group.
'';
};
};
@@ -246,14 +261,20 @@ in
home = "/var/lib/btsync";
createHome = true;
uid = config.ids.uids.btsync;
+ group = "btsync";
};
+ users.extraGroups = [
+ { name = "btsync";
+ }];
+
systemd.services.btsync = with pkgs; {
description = "Bittorrent Sync Service";
wantedBy = [ "multi-user.target" ];
after = [ "network.target" ];
serviceConfig = {
Restart = "on-abort";
+ UMask = "0002";
User = "btsync";
ExecStart =
"${bittorrentSync}/bin/btsync --nodaemon --config ${configFile}";