nrabulinski/attic
0
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

nixos: Add non-default storage path to ReadWritePaths

Browse source 
This prevents "read-only storage" errors when setting a non-default
local storage path. The non-default path must exist beforehand.

Co-authored-by: Zhaofeng Li <hello@zhaofeng.li>
This commit is contained in:
Robin Appelman 2023-05-22 18:50:48 +02:00 committed by Zhaofeng Li
parent e6bedf1869
commit c98be70263
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
nixos/atticd.nix
View file

@ -203,6 +203,10 @@ in
RestrictNamespaces = true;
RestrictRealtime = true;
RestrictSUIDSGID = true;
ReadWritePaths = let
path = cfg.settings.storage.path;
isDefaultStateDirectory = path == "/var/lib/atticd" || lib.hasPrefix "/var/lib/atticd/" path;
in lib.optionals (cfg.settings.storage.type or "" == "local" && !isDefaultStateDirectory) [ path ];
};
};