treewide: use new tmpfiles api

4 files changed, 31 insertions, 17 deletions

diff --git a/nixos/modules/services/network-filesystems/cachefilesd.nix b/nixos/modules/services/network-filesystems/cachefilesd.nix
index da5a79a062c7..3fb6a19c6fa3 100644
--- a/nixos/modules/services/network-filesystems/cachefilesd.nix
+++ b/nixos/modules/services/network-filesystems/cachefilesd.nix
@@ -56,8 +56,10 @@ in
       };
     };
 
-    systemd.tmpfiles.rules = [
-      "d ${cfg.cacheDir} 0700 root root - -"
-    ];
+    systemd.tmpfiles.settings."10-cachefilesd".${cfg.cacheDir}.d = {
+      user = "root";
+      group = "root";
+      mode = "0700";
+    };
   };
 }
diff --git a/nixos/modules/services/network-filesystems/ceph.nix b/nixos/modules/services/network-filesystems/ceph.nix
index 222905223b59..df9a2f802bb9 100644
--- a/nixos/modules/services/network-filesystems/ceph.nix
+++ b/nixos/modules/services/network-filesystems/ceph.nix
@@ -398,12 +398,18 @@ in
       in
         mkMerge targets;
 
-    systemd.tmpfiles.rules = [
-      "d /etc/ceph - ceph ceph - -"
-      "d /run/ceph 0770 ceph ceph -"
-      "d /var/lib/ceph - ceph ceph - -"]
-    ++ optionals cfg.mgr.enable [ "d /var/lib/ceph/mgr - ceph ceph - -"]
-    ++ optionals cfg.mon.enable [ "d /var/lib/ceph/mon - ceph ceph - -"]
-    ++ optionals cfg.osd.enable [ "d /var/lib/ceph/osd - ceph ceph - -"];
+    systemd.tmpfiles.settings."10-ceph" = let
+      defaultConfig = {
+        user = "ceph";
+        group = "ceph";
+      };
+    in {
+      "/etc/ceph".d = defaultConfig;
+      "/run/ceph".d = defaultConfig // { mode = "0770"; };
+      "/var/lib/ceph".d = defaultConfig;
+      "/var/lib/ceph/mgr".d = mkIf (cfg.mgr.enable) defaultConfig;
+      "/var/lib/ceph/mon".d = mkIf (cfg.mon.enable) defaultConfig;
+      "/var/lib/ceph/osd".d = mkIf (cfg.osd.enable) defaultConfig;
+    };
   };
 }
diff --git a/nixos/modules/services/network-filesystems/kbfs.nix b/nixos/modules/services/network-filesystems/kbfs.nix
index 33ff283d5e81..578675e75dc3 100644
--- a/nixos/modules/services/network-filesystems/kbfs.nix
+++ b/nixos/modules/services/network-filesystems/kbfs.nix
@@ -92,7 +92,12 @@ in {
     (mkIf cfg.enableRedirector {
       security.wrappers."keybase-redirector".source = "${pkgs.kbfs}/bin/redirector";
 
-      systemd.tmpfiles.rules = [ "d /keybase 0755 root root 0" ];
+      systemd.tmpfiles.settings."10-kbfs"."/keybase".d = {
+        user = "root";
+        group = "root";
+        mode = "0755";
+        age = "0";
+      };
 
       # Upstream: https://github.com/keybase/client/blob/master/packaging/linux/systemd/keybase-redirector.service
       systemd.user.services.keybase-redirector = {
diff --git a/nixos/modules/services/network-filesystems/kubo.nix b/nixos/modules/services/network-filesystems/kubo.nix
index 126e0902d5b4..1a6ec245037c 100644
--- a/nixos/modules/services/network-filesystems/kubo.nix
+++ b/nixos/modules/services/network-filesystems/kubo.nix
@@ -307,12 +307,13 @@ in
       ipfs.gid = config.ids.gids.ipfs;
     };
 
-    systemd.tmpfiles.rules = [
-      "d '${cfg.dataDir}' - ${cfg.user} ${cfg.group} - -"
-    ] ++ optionals cfg.autoMount [
-      "d '${cfg.settings.Mounts.IPFS}' - ${cfg.user} ${cfg.group} - -"
-      "d '${cfg.settings.Mounts.IPNS}' - ${cfg.user} ${cfg.group} - -"
-    ];
+    systemd.tmpfiles.settings."10-kubo" = let
+      defaultConfig = { inherit (cfg) user group; };
+    in {
+      ${cfg.dataDir}.d = defaultConfig;
+      ${cfg.settings.Mounts.IPFS}.d = mkIf (cfg.autoMount) defaultConfig;
+      ${cfg.settings.Mounts.IPNS}.d = mkIf (cfg.autoMount) defaultConfig;
+    };
 
     # The hardened systemd unit breaks the fuse-mount function according to documentation in the unit file itself
     systemd.packages = if cfg.autoMount