From efe0c0169626f509938c479e29191b15a36834b4 Mon Sep 17 00:00:00 2001
From: Gregor Kleen <gkleen@yggdrasil.li>
Date: Sun, 21 Nov 2021 15:18:52 +0100
Subject: ymir: ...

---
 ymir.nix | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'ymir.nix')

diff --git a/ymir.nix b/ymir.nix
index ee540b59..cf8f43a6 100644
--- a/ymir.nix
+++ b/ymir.nix
@@ -813,14 +813,15 @@ in rec {
   systemd.services."acme-yggdrasil.li" = {
     requires = [ "nginx.service" ]; 
     serviceConfig = {
-      ReadWritePaths = [ "/srv/www/acme" "/tmp/webdav" ];
+      ReadWritePaths = [ "/srv/www/acme" ];
+      RuntimeDirectory = [ "nginx/webdav" ];
+      RuntimeDirectoryMode = "0700";
     };
   };
   systemd.tmpfiles.rules
     = let mkAcmeDir = domain: "d /srv/www/acme 0775 root ssl 10d -";
       in map mkAcmeDir myDomains ++ [
         "L /etc/nixos - - - - /root/nixos"
-        "d /tmp/webdav 0700 nginx nginx 1h"
       ];
 
   services.uucp = {
-- 
cgit v1.2.3