Mic92/retiolum
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

retiolum: make updating host keys slightly more atomic

Browse Source
This commit is contained in:
Jörg Thalheim 2024-08-30 13:29:11 +02:00
parent be646cb877
commit 9d9da8c114
1 changed files with 7 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
modules/retiolum/default.nix
View File

@ -69,12 +69,14 @@ in {
systemd.services."tinc.${netname}-host-keys" = let systemd.services."tinc.${netname}-host-keys" = let
install-keys = pkgs.writeShellScript "install-keys" '' install-keys = pkgs.writeShellScript "install-keys" ''
rm -rf /etc/tinc/${netname}/hosts.tmp
mkdir /etc/tinc/${netname}/hosts.tmp
cp -R ${hosts}/* /etc/tinc/${netname}/hosts.tmp
chown -R tinc-${netname} /etc/tinc/${netname}/hosts.tmp
chmod -R u+w /etc/tinc/${netname}/hosts.tmp
rm -rf /etc/tinc/${netname}/hosts rm -rf /etc/tinc/${netname}/hosts
cp -R ${hosts} /etc/tinc/${netname}/hosts mv /etc/tinc/${netname}/hosts{.tmp,}
# FIXME: drop this once everyone has the new tinc user
chown -R tinc-${netname} /etc/tinc/${netname}/hosts ||
chown -R tinc.${netname} /etc/tinc/${netname}/hosts
chmod -R u+w /etc/tinc/${netname}/hosts
''; '';
in { in {
description = "Install tinc.${netname} host keys"; description = "Install tinc.${netname} host keys";