ymir: ...

author: Gregor Kleen <gkleen@yggdrasil.li> 2021-11-21 15:18:52 +0100
committer: Gregor Kleen <gkleen@yggdrasil.li> 2021-11-21 15:18:52 +0100
commit: efe0c0169626f509938c479e29191b15a36834b4 (patch)
tree: 04b0e0378d15e6b36a1cf49e82e3b1921f840d27 /ymir.nix
parent: 93a06a1ee43938fce732bb7ea23b6c18d06e4d16 (diff)
download: nixos-efe0c0169626f509938c479e29191b15a36834b4.tar
nixos-efe0c0169626f509938c479e29191b15a36834b4.tar.gz
nixos-efe0c0169626f509938c479e29191b15a36834b4.tar.bz2
nixos-efe0c0169626f509938c479e29191b15a36834b4.tar.xz
nixos-efe0c0169626f509938c479e29191b15a36834b4.zip
1 files changed, 3 insertions, 2 deletions
diff --git a/ymir.nix b/ymir.nix
index ee540b59..cf8f43a6 100644
--- a/ymir.nix
+++ b/ymir.nix
@@ -813,14 +813,15 @@ in rec {
  systemd.services."acme-yggdrasil.li" = {
    requires = [ "nginx.service" ]; 
    serviceConfig = {
-      ReadWritePaths = [ "/srv/www/acme" "/tmp/webdav" ];
+      ReadWritePaths = [ "/srv/www/acme" ];
+      RuntimeDirectory = [ "nginx/webdav" ];
+      RuntimeDirectoryMode = "0700";
    };
  };
  systemd.tmpfiles.rules
    = let mkAcmeDir = domain: "d /srv/www/acme 0775 root ssl 10d -";
      in map mkAcmeDir myDomains ++ [
        "L /etc/nixos - - - - /root/nixos"
-        "d /tmp/webdav 0700 nginx nginx 1h"
      ];
  services.uucp = {
author	Gregor Kleen <gkleen@yggdrasil.li>	2021-11-21 15:18:52 +0100
committer	Gregor Kleen <gkleen@yggdrasil.li>	2021-11-21 15:18:52 +0100
commit	efe0c0169626f509938c479e29191b15a36834b4 (patch)
tree	04b0e0378d15e6b36a1cf49e82e3b1921f840d27 /ymir.nix
parent	93a06a1ee43938fce732bb7ea23b6c18d06e4d16 (diff)
download	nixos-efe0c0169626f509938c479e29191b15a36834b4.tar nixos-efe0c0169626f509938c479e29191b15a36834b4.tar.gz nixos-efe0c0169626f509938c479e29191b15a36834b4.tar.bz2 nixos-efe0c0169626f509938c479e29191b15a36834b4.tar.xz nixos-efe0c0169626f509938c479e29191b15a36834b4.zip