diff options
author | Ryan Lahfa <masterancpp@gmail.com> | 2023-06-12 11:59:31 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-06-12 11:59:31 +0200 |
commit | 3897d52760bd5772f507fb13c5083dddefdac962 (patch) | |
tree | 00655ce862ede2620e96fdc3f5bc3afeca8a44d4 /nixos | |
parent | 98b94235ef91c49553fe879eb168150c6652d53c (diff) | |
parent | 953ee5df829e7dc1e4d7823078c4f564365732e7 (diff) | |
download | nixlib-3897d52760bd5772f507fb13c5083dddefdac962.tar nixlib-3897d52760bd5772f507fb13c5083dddefdac962.tar.gz nixlib-3897d52760bd5772f507fb13c5083dddefdac962.tar.bz2 nixlib-3897d52760bd5772f507fb13c5083dddefdac962.tar.lz nixlib-3897d52760bd5772f507fb13c5083dddefdac962.tar.xz nixlib-3897d52760bd5772f507fb13c5083dddefdac962.tar.zst nixlib-3897d52760bd5772f507fb13c5083dddefdac962.zip |
Merge pull request #236134 from Tom-Hubrecht/pixelfed
nixos/pixelfed: Fix missing permissions for nginx serving files
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/modules/services/web-apps/pixelfed.nix | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/nixos/modules/services/web-apps/pixelfed.nix b/nixos/modules/services/web-apps/pixelfed.nix index 430a368650ec..b0c92aac979f 100644 --- a/nixos/modules/services/web-apps/pixelfed.nix +++ b/nixos/modules/services/web-apps/pixelfed.nix @@ -356,7 +356,8 @@ in { ExecStart = "${pixelfed-manage}/bin/pixelfed-manage schedule:run"; User = user; Group = group; - StateDirectory = cfg.dataDir; + StateDirectory = + lib.mkIf (cfg.dataDir == "/var/lib/pixelfed") "pixelfed"; }; }; @@ -391,6 +392,9 @@ in { rsync -av --no-perms ${pixelfed}/storage-static/ ${cfg.dataDir}/storage chmod -R +w ${cfg.dataDir}/storage + chmod g+x ${cfg.dataDir}/storage ${cfg.dataDir}/storage/app + chmod -R g+rX ${cfg.dataDir}/storage/app/public + # Link the app.php in the runtime folder. # We cannot link the cache folder only because bootstrap folder needs to be writeable. ln -sf ${pixelfed}/bootstrap-static/app.php ${cfg.runtimeDir}/app.php @@ -441,7 +445,7 @@ in { ]; # Enable NGINX to access our phpfpm-socket. - users.users."${config.services.nginx.group}".extraGroups = [ cfg.group ]; + users.users."${config.services.nginx.user}".extraGroups = [ cfg.group ]; services.nginx = mkIf (cfg.nginx != null) { enable = true; virtualHosts."${cfg.domain}" = mkMerge [ |