commit a97d32da9c5f9a10902cddcd0377e9a5ceeb2810 · pyrox.dev/nixpkgs

pyrox.dev / nixpkgs

lol

fork atom

Merge pull request #144895 from arcnmx/ddclient-privs

nixos/ddclient: password permission fixes

authored by Aaron Andersen and committed by GitHub 4 years ago a97d32da c6c29d58

+22 -10

1 changed file

expand all

unified split

nixos

modules

services

networking

ddclient.nix

+22 -10

nixos/modules/services/networking/ddclient.nix

··· 28 ''; 29 configFile = if (cfg.configFile != null) then cfg.configFile else configFile'; 30 31 in 32 33 with lib; ··· 54 type = bool; 55 description = '' 56 Whether to synchronise your machine's IP address with a dynamic DNS provider (e.g. dyndns.org). 57 ''; 58 }; 59 ··· 195 196 serviceConfig = { 197 DynamicUser = true; 198 inherit RuntimeDirectory; 199 inherit StateDirectory; 200 Type = "oneshot"; 201 - ExecStart = "${lib.getBin pkgs.ddclient}/bin/ddclient -file /run/${RuntimeDirectory}/ddclient.conf"; 202 }; 203 - preStart = '' 204 - install -m 600 ${configFile} /run/${RuntimeDirectory}/ddclient.conf 205 - ${optionalString (cfg.configFile == null) (if (cfg.passwordFile != null) then '' 206 - password=$(head -n 1 ${cfg.passwordFile}) 207 - sed -i "s/^password=$/password=$password/" /run/${RuntimeDirectory}/ddclient.conf 208 - '' else '' 209 - sed -i '/^password=$/d' /run/${RuntimeDirectory}/ddclient.conf 210 - '')} 211 - ''; 212 }; 213 214 systemd.timers.ddclient = {

··· 28 ''; 29 configFile = if (cfg.configFile != null) then cfg.configFile else configFile'; 30 31 + preStart = '' 32 + install ${configFile} /run/${RuntimeDirectory}/ddclient.conf 33 + ${lib.optionalString (cfg.configFile == null) (if (cfg.passwordFile != null) then '' 34 + password=$(head -n 1 ${cfg.passwordFile}) 35 + sed -i "s/^password=$/password=$password/" /run/${RuntimeDirectory}/ddclient.conf 36 + '' else '' 37 + sed -i '/^password=$/d' /run/${RuntimeDirectory}/ddclient.conf 38 + '')} 39 + ''; 40 + 41 in 42 43 with lib; ··· 64 type = bool; 65 description = '' 66 Whether to synchronise your machine's IP address with a dynamic DNS provider (e.g. dyndns.org). 67 + ''; 68 + }; 69 + 70 + package = mkOption { 71 + type = package; 72 + default = pkgs.ddclient; 73 + defaultText = "pkgs.ddclient"; 74 + description = '' 75 + The ddclient executable package run by the service. 76 ''; 77 }; 78 ··· 214 215 serviceConfig = { 216 DynamicUser = true; 217 + RuntimeDirectoryMode = "0700"; 218 inherit RuntimeDirectory; 219 inherit StateDirectory; 220 Type = "oneshot"; 221 + ExecStartPre = "!${pkgs.writeShellScript "ddclient-prestart" preStart}"; 222 + ExecStart = "${lib.getBin cfg.package}/bin/ddclient -file /run/${RuntimeDirectory}/ddclient.conf"; 223 }; 224 }; 225 226 systemd.timers.ddclient = {