From 549c689c4be24f507380f58f8c0cf0d60eada7a4 Mon Sep 17 00:00:00 2001 From: tv Date: Wed, 15 Jul 2015 12:49:39 +0200 Subject: 3 tv.ejabberd: cerfile cannot be in private /tmp --- 3modules/tv/ejabberd.nix | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/3modules/tv/ejabberd.nix b/3modules/tv/ejabberd.nix index e75c995af..b694d05d2 100644 --- a/3modules/tv/ejabberd.nix +++ b/3modules/tv/ejabberd.nix @@ -35,10 +35,9 @@ let PermissionsStartOnly = "true"; SyslogIdentifier = "ejabberd"; User = user.name; - PrivateTmp = "true"; ExecStartPre = pkgs.writeScript "ejabberd-start" '' #! /bin/sh - install -o ${user.name} -m 0400 ${cfg.certFile} /tmp/certfile.pem + install -o ${user.name} -m 0400 ${cfg.certFile} /etc/ejabberd/ejabberd.pem ''; ExecStart = pkgs.writeScript "ejabberd-service" '' #! /bin/sh @@ -78,7 +77,7 @@ let [ {5222, ejabberd_c2s, [ starttls, - {certfile, "/tmp/certfile.pem"}, + {certfile, "/etc/ejabberd/ejabberd.pem"}, {access, c2s}, {shaper, c2s_shaper}, {max_stanza_size, 65536} @@ -95,7 +94,7 @@ let ]} ]}. {s2s_use_starttls, required}. - {s2s_certfile, "/tmp/certfile.pem"}. + {s2s_certfile, "/etc/ejabberd/ejabberd.pem"}. {auth_method, internal}. {shaper, normal, {maxrate, 1000}}. {shaper, fast, {maxrate, 50000}}. -- cgit v1.2.3