diff options
author | lassulus <lassulus@lassul.us> | 2022-01-02 23:21:28 +0100 |
---|---|---|
committer | lassulus <lassulus@lassul.us> | 2022-01-02 23:30:50 +0100 |
commit | afaf87781a282e6fbba596b0cbf652552961e54e (patch) | |
tree | 16564969bc3b9df0e018800aaa586ff6f98ae11b | |
parent | dc428126108a13b72ea806114148cf0633dfcd18 (diff) |
krebs.tinc: make /etc/tinc/ writable by tincd
-rw-r--r-- | krebs/3modules/tinc.nix | 15 |
1 files changed, 7 insertions, 8 deletions
diff --git a/krebs/3modules/tinc.nix b/krebs/3modules/tinc.nix index a18248351..21ddde1c6 100644 --- a/krebs/3modules/tinc.nix +++ b/krebs/3modules/tinc.nix @@ -222,12 +222,6 @@ with import <stockholm/lib>; nameValuePair netname {} ) config.krebs.tinc; - environment.etc = mapAttrs' (netname: cfg: - nameValuePair "tinc/${netname}" { - source = cfg.confDir; - } - ) config.krebs.tinc; - krebs.systemd.services = mapAttrs (netname: cfg: { }) config.krebs.tinc; @@ -239,8 +233,6 @@ with import <stockholm/lib>; cfg.iproutePackage cfg.tincPackage ]; - reloadIfChanged = true; - restartTriggers = [ cfg.confDir ]; serviceConfig = { Restart = "always"; LoadCredential = filter (x: x != "") [ @@ -249,6 +241,13 @@ with import <stockholm/lib>; ) "rsa_key:${cfg.privkey}" ]; + ExecStartPre = pkgs.writers.writeDash "init-tinc-${netname}" '' + ${pkgs.coreutils}/bin/mkdir -p /etc/tinc + ${pkgs.rsync}/bin/rsync -vaL --delete \ + --chown ${cfg.user.name} \ + --chmod u=rwX,g=rX \ + ${cfg.confDir}/ /etc/tinc/${netname}/ + ''; ExecStart = toString [ "${cfg.tincPackage}/sbin/tincd" "-D" |