From 43de0b8da95b9e64823ebce176e541ff93c25c82 Mon Sep 17 00:00:00 2001 From: Brendan Golden Date: Sat, 5 Aug 2023 23:08:52 +0100 Subject: [PATCH] ldap: fix permissions for backend scripts --- flake.nix | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/flake.nix b/flake.nix index ae5d286..8b331d5 100644 --- a/flake.nix +++ b/flake.nix @@ -68,7 +68,7 @@ USERS_BANNED = lib.strings.concatStringsSep "," cfg.users.banned; }; - service_name = script: lib.strings.sanitizeDerivationName("${cfg.prefix}${cfg.user}@${script}"); + service_name = script: lib.strings.sanitizeDerivationName("${cfg.user}@${script}"); # oneshot scripts to run serviceGenerator = mapAttrs' (script: time: nameValuePair (service_name script) { @@ -79,7 +79,8 @@ serviceConfig = { Type = "oneshot"; - DynamicUser = true; + User = "${cfg.user}"; + Group = "${cfg.user}"; ExecStart = "${self.defaultPackage."${system}"}/bin/${script}"; EnvironmentFile = "${cfg.envFile}"; }; @@ -179,7 +180,7 @@ home = mkOption rec { type = types.str; - default = "/etc/skynet_${package_name}"; + default = "/etc/${cfg.prefix}${package_name}"; description = "The home for the user"; };