diff options
author | Silvan Mosberger <contact@infinisil.com> | 2019-11-13 23:51:34 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-11-13 23:51:34 +0100 |
commit | c482b65abecee8be56d8937ce377fb218fe81fee (patch) | |
tree | a684a1d1cace633f24d6be0493d7fc3df59ecbf1 /nixos/modules/security/acme.nix | |
parent | f5dd1191f8baba7511613757197566618aea9ef8 (diff) | |
parent | 5532065d0690645f0a813fed6e68163b0f4774d4 (diff) | |
download | nixlib-c482b65abecee8be56d8937ce377fb218fe81fee.tar nixlib-c482b65abecee8be56d8937ce377fb218fe81fee.tar.gz nixlib-c482b65abecee8be56d8937ce377fb218fe81fee.tar.bz2 nixlib-c482b65abecee8be56d8937ce377fb218fe81fee.tar.lz nixlib-c482b65abecee8be56d8937ce377fb218fe81fee.tar.xz nixlib-c482b65abecee8be56d8937ce377fb218fe81fee.tar.zst nixlib-c482b65abecee8be56d8937ce377fb218fe81fee.zip |
nixos/acme: Fix allowKeysForGroup not applying immediately (#72056)
nixos/acme: Fix allowKeysForGroup not applying immediately
Diffstat (limited to 'nixos/modules/security/acme.nix')
-rw-r--r-- | nixos/modules/security/acme.nix | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/nixos/modules/security/acme.nix b/nixos/modules/security/acme.nix index d14613f22b05..9563029f030a 100644 --- a/nixos/modules/security/acme.nix +++ b/nixos/modules/security/acme.nix @@ -224,6 +224,12 @@ in environment.REQUESTS_CA_BUNDLE = "/etc/ssl/certs/ca-certificates.crt"; serviceConfig = { Type = "oneshot"; + # With RemainAfterExit the service is considered active even + # after the main process having exited, which means when it + # gets changed, the activation phase restarts it, meaning + # the permissions of the StateDirectory get adjusted + # according to the specified group + RemainAfterExit = true; SuccessExitStatus = [ "0" "1" ]; User = data.user; Group = data.group; |