From 9f0280c6f8b2d61d4eb2607b5da93581e6358d16 Mon Sep 17 00:00:00 2001
From: Gregor Kleen <gkleen@yggdrasil.li>
Date: Sat, 26 Mar 2022 16:50:29 +0100
Subject: ...

---
 modules/certspotter.nix | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/modules/certspotter.nix b/modules/certspotter.nix
index 8d49b9e9..70c28b74 100644
--- a/modules/certspotter.nix
+++ b/modules/certspotter.nix
@@ -5,9 +5,19 @@ with lib;
 let
   cfg = config.services.certspotter;
 
+  script = pkgs.writeShellApplication {
+    name = "certspotter-script";
+    runtimeInputs = with pkgs; [ coreutils ];
+    text = ''
+      mkdir -p "''${LOGS_DIRECTORY}"
+      env > $(mktemp -p "''${LOGS_DIRECTORY}" $(date -Ins).XXXXXXXXXX.env)
+    '';
+  };
+
   startOptions = cfg.extraOptions
                  ++ optionals (cfg.logs != null) ["-logs" cfg.logs]
                  ++ ["-watchlist" (pkgs.writeText "watchlist" (concatStringsSep "\n" cfg.watchList))
+                     "-script" "${script}/bin/certspotter-script"
                     ];
 in {
   options = {
@@ -39,7 +49,6 @@ in {
         ExecStart = "${cfg.package}/bin/certspotter -state_dir $STATE_DIRECTORY ${escapeShellArgs startOptions}";
         StateDirectory = "certspotter";
         LogsDirectory = "certspotter";
-        StandardOutput = "append:$LOGS_DIRECTORY/certspotter.log";
         DynamicUser = true;
       };
     };
-- 
cgit v1.2.3