diff options
author | Soispha <soispha@vhack.eu> | 2023-07-08 13:53:11 +0200 |
---|---|---|
committer | Soispha <soispha@vhack.eu> | 2023-07-08 13:53:11 +0200 |
commit | 7815ef2a22e3ae684852f1f28cedae6354263034 (patch) | |
tree | f6f9eff9edd93a734f3f7550e6c42e87ef4dadc0 /system/impermanence/default.nix | |
parent | Fix(host/server1): Use working path to disk (diff) | |
download | nixos-server-7815ef2a22e3ae684852f1f28cedae6354263034.tar.gz nixos-server-7815ef2a22e3ae684852f1f28cedae6354263034.zip |
Fix(treewide): Move all persistent dirs to impermanence to set permissions
Diffstat (limited to '')
-rw-r--r-- | system/impermanence/default.nix | 25 |
1 files changed, 11 insertions, 14 deletions
diff --git a/system/impermanence/default.nix b/system/impermanence/default.nix index 32ad9f7..198eeba 100644 --- a/system/impermanence/default.nix +++ b/system/impermanence/default.nix @@ -1,23 +1,20 @@ {...}: { + # TODO: Only activate them if their module is also active + imports = [ + ./mods/acme.nix + ./mods/keycloak.nix + ./mods/mail.nix + ./mods/minecraft.nix + ./mods/nix-sync.nix + ./mods/openssh.nix + ./mods/users.nix + ]; + environment.persistence."/srv" = { hideMounts = true; directories = [ "/etc/nixos" "/var/log" - "/var/lib/postgresql" - "/var/lib/acme" - { - directory = "/var/lib/nix-sync"; - user = "nix-sync"; - group = "nix-sync"; - mode = "0700"; - } - { - directory = "/var/lib/sshd"; - user = "root"; - group = "root"; - mode = "0755"; - } ]; files = [ "/etc/machine-id" |