about summary refs log tree commit diff
path: root/nixos
diff options
context:
space:
mode:
authorAaron Andersen <aaron@fosslib.net>2019-02-24 08:25:04 -0500
committerAaron Andersen <aaron@fosslib.net>2019-04-13 07:00:57 -0400
commit0113cc0de90e4c48ff2f87de8bb2862267d7db7c (patch)
tree88a4a97b8e6e99b2adad65c8eeb8fef792c90b6b /nixos
parenta585d29bfd1e57d82965e3162b7780fd3f60214b (diff)
downloadnixlib-0113cc0de90e4c48ff2f87de8bb2862267d7db7c.tar
nixlib-0113cc0de90e4c48ff2f87de8bb2862267d7db7c.tar.gz
nixlib-0113cc0de90e4c48ff2f87de8bb2862267d7db7c.tar.bz2
nixlib-0113cc0de90e4c48ff2f87de8bb2862267d7db7c.tar.lz
nixlib-0113cc0de90e4c48ff2f87de8bb2862267d7db7c.tar.xz
nixlib-0113cc0de90e4c48ff2f87de8bb2862267d7db7c.tar.zst
nixlib-0113cc0de90e4c48ff2f87de8bb2862267d7db7c.zip
nixos/stanchion: replace deprecated usage of PermissionsStartOnly
see https://github.com/NixOS/nixpkgs/issues/53852
Diffstat (limited to 'nixos')
-rw-r--r--nixos/modules/services/databases/stanchion.nix20
1 files changed, 6 insertions, 14 deletions
diff --git a/nixos/modules/services/databases/stanchion.nix b/nixos/modules/services/databases/stanchion.nix
index 9fe49f51edd2..97e55bc70c47 100644
--- a/nixos/modules/services/databases/stanchion.nix
+++ b/nixos/modules/services/databases/stanchion.nix
@@ -98,7 +98,7 @@ in
         type = types.path;
         default = "/var/log/stanchion";
         description = ''
-          Log directory for Stanchino.
+          Log directory for Stanchion.
         '';
       };
 
@@ -152,6 +152,11 @@ in
 
     users.groups.stanchion.gid = config.ids.gids.stanchion;
 
+    systemd.tmpfiles.rules = [
+      "d '${cfg.logDir}' - stanchion stanchion --"
+      "d '${cfg.dataDir}' 0700 stanchion stanchion --"
+    ];
+
     systemd.services.stanchion = {
       description = "Stanchion Server";
 
@@ -168,25 +173,12 @@ in
       environment.STANCHION_LOG_DIR = "${cfg.logDir}";
       environment.STANCHION_ETC_DIR = "/etc/stanchion";
 
-      preStart = ''
-        if ! test -e ${cfg.logDir}; then
-          mkdir -m 0755 -p ${cfg.logDir}
-          chown -R stanchion:stanchion ${cfg.logDir}
-        fi
-
-        if ! test -e ${cfg.dataDir}; then
-          mkdir -m 0700 -p ${cfg.dataDir}
-          chown -R stanchion:stanchion ${cfg.dataDir}
-        fi
-      '';
-
       serviceConfig = {
         ExecStart = "${cfg.package}/bin/stanchion console";
         ExecStop = "${cfg.package}/bin/stanchion stop";
         StandardInput = "tty";
         User = "stanchion";
         Group = "stanchion";
-        PermissionsStartOnly = true;
         # Give Stanchion a decent amount of time to clean up.
         TimeoutStopSec = 120;
         LimitNOFILE = 65536;
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-05 06:14:54 +0000