diff options
author | Alyssa Ross <hi@alyssa.is> | 2024-06-23 00:32:22 +0200 |
---|---|---|
committer | Alyssa Ross <hi@alyssa.is> | 2024-06-23 00:32:22 +0200 |
commit | 6402b188ddd100b3cd6afe7b8a3e553365203f43 (patch) | |
tree | 676b85e4a6ffee092e413e723f7dce8ba01bb48f /nixpkgs/nixos/modules/services/web-apps/akkoma.nix | |
parent | 5a1826585861b32ce2509c0643e793196d81893e (diff) | |
parent | d603719ec6e294f034936c0d0dc06f689d91b6c3 (diff) | |
download | nixlib-6402b188ddd100b3cd6afe7b8a3e553365203f43.tar nixlib-6402b188ddd100b3cd6afe7b8a3e553365203f43.tar.gz nixlib-6402b188ddd100b3cd6afe7b8a3e553365203f43.tar.bz2 nixlib-6402b188ddd100b3cd6afe7b8a3e553365203f43.tar.lz nixlib-6402b188ddd100b3cd6afe7b8a3e553365203f43.tar.xz nixlib-6402b188ddd100b3cd6afe7b8a3e553365203f43.tar.zst nixlib-6402b188ddd100b3cd6afe7b8a3e553365203f43.zip |
Diffstat (limited to 'nixpkgs/nixos/modules/services/web-apps/akkoma.nix')
-rw-r--r-- | nixpkgs/nixos/modules/services/web-apps/akkoma.nix | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/nixpkgs/nixos/modules/services/web-apps/akkoma.nix b/nixpkgs/nixos/modules/services/web-apps/akkoma.nix index 7c9bf6c46516..8ba3c7eaa1e6 100644 --- a/nixpkgs/nixos/modules/services/web-apps/akkoma.nix +++ b/nixpkgs/nixos/modules/services/web-apps/akkoma.nix @@ -119,7 +119,7 @@ let -o ${escapeShellArg cfg.user } \ -g ${escapeShellArg cfg.group} \ <(hexdump -n 16 -e '"%02x"' /dev/urandom) \ - "$RUNTIME_DIRECTORY/cookie" + "''${RUNTIME_DIRECTORY%%:*}/cookie" ''; }; @@ -131,7 +131,7 @@ let -o ${escapeShellArg cfg.user} \ -g ${escapeShellArg cfg.group} \ ${escapeShellArg cfg.dist.cookie._secret} \ - "$RUNTIME_DIRECTORY/cookie" + "''${RUNTIME_DIRECTORY%%:*}/cookie" ''; }; @@ -181,7 +181,7 @@ let name = "akkoma-config"; runtimeInputs = with pkgs; [ coreutils replace-secret ]; text = '' - cd "$RUNTIME_DIRECTORY" + cd "''${RUNTIME_DIRECTORY%%:*}" tmp="$(mktemp config.exs.XXXXXXXXXX)" trap 'rm -f "$tmp"' EXIT TERM @@ -279,7 +279,7 @@ let cd "${cfg.package}" RUNTIME_DIRECTORY="''${RUNTIME_DIRECTORY:-/run/akkoma}" - AKKOMA_CONFIG_PATH="$RUNTIME_DIRECTORY/config.exs" \ + AKKOMA_CONFIG_PATH="''${RUNTIME_DIRECTORY%%:*}/config.exs" \ ERL_EPMD_ADDRESS="${cfg.dist.address}" \ ERL_EPMD_PORT="${toString cfg.dist.epmdPort}" \ ERL_FLAGS=${lib.escapeShellArg (lib.escapeShellArgs ([ @@ -287,7 +287,7 @@ let "-kernel" "inet_dist_listen_min" (toString cfg.dist.portMin) "-kernel" "inet_dist_listen_max" (toString cfg.dist.portMax) ] ++ cfg.dist.extraFlags))} \ - RELEASE_COOKIE="$(<"$RUNTIME_DIRECTORY/cookie")" \ + RELEASE_COOKIE="$(<"''${RUNTIME_DIRECTORY%%:*}/cookie")" \ RELEASE_NAME="akkoma" \ exec "${cfg.package}/bin/$(basename "$0")" "$@" ''; @@ -984,7 +984,7 @@ in { RemainAfterExit = true; UMask = "0077"; - RuntimeDirectory = "akkoma"; + RuntimeDirectory = mkBefore "akkoma"; ExecStart = mkMerge [ (mkIf (cfg.dist.cookie == null) [ genScript ]) @@ -1072,7 +1072,7 @@ in { ProtectProc = "noaccess"; ProcSubset = "pid"; - ProtectSystem = mkIf (!isConfined) "strict"; + ProtectSystem = "strict"; ProtectHome = true; PrivateTmp = true; PrivateDevices = true; @@ -1136,6 +1136,6 @@ in { }; }; - meta.maintainers = with maintainers; [ mvs tcmal ]; + meta.maintainers = with maintainers; [ mvs ]; meta.doc = ./akkoma.md; } |