nrabulinski/attic
1
1
Fork 1
Code Issues Pull requests Packages Projects Releases Wiki Activity

Merge pull request #49 from icewind1991/module-readwritepaths

Browse source 
nixos: add storage path to ReadWritePaths
This commit is contained in:
Zhaofeng Li 2024-01-18 15:30:49 -07:00 committed by GitHub
parent e6bedf1869 c98be70263
commit a7c878bffc
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
nixos/atticd.nix
View file

@ -203,6 +203,10 @@ in
RestrictNamespaces = true;
RestrictRealtime = true;
RestrictSUIDSGID = true;
ReadWritePaths = let
path = cfg.settings.storage.path;
isDefaultStateDirectory = path == "/var/lib/atticd" || lib.hasPrefix "/var/lib/atticd/" path;
in lib.optionals (cfg.settings.storage.type or "" == "local" && !isDefaultStateDirectory) [ path ];
};
};