From fbe59432379249bc94e6bf7bafd925f4299596db Mon Sep 17 00:00:00 2001 From: Aaron Andersen <aaron@fosslib.net> Date: Sun, 24 Feb 2019 09:06:38 -0500 Subject: [PATCH] nixos/opendkim: replace deprecated usage of PermissionsStartOnly see https://github.com/NixOS/nixpkgs/issues/53852 --- nixos/modules/services/mail/opendkim.nix | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/nixos/modules/services/mail/opendkim.nix b/nixos/modules/services/mail/opendkim.nix index 7855efb46c7..253823cbaf9 100644 --- a/nixos/modules/services/mail/opendkim.nix +++ b/nixos/modules/services/mail/opendkim.nix @@ -101,13 +101,16 @@ in { environment.systemPackages = [ pkgs.opendkim ]; + systemd.tmpfiles.rules = [ + "d '${cfg.keyPath}' - ${cfg.user} ${cfg.group} - -" + ]; + systemd.services.opendkim = { description = "OpenDKIM signing and verification daemon"; after = [ "network.target" ]; wantedBy = [ "multi-user.target" ]; preStart = '' - mkdir -p "${cfg.keyPath}" cd "${cfg.keyPath}" if ! test -f ${cfg.selector}.private; then ${pkgs.opendkim}/bin/opendkim-genkey -s ${cfg.selector} -d all-domains-generic-key @@ -116,7 +119,6 @@ in { cat ${cfg.selector}.txt echo "-------------------------------------------------------------" fi - chown ${cfg.user}:${cfg.group} ${cfg.selector}.private ''; serviceConfig = { @@ -124,7 +126,6 @@ in { User = cfg.user; Group = cfg.group; RuntimeDirectory = optional (cfg.socket == defaultSock) "opendkim"; - PermissionsStartOnly = true; }; };