syncthing: fix permissions of keys
This commit is contained in:
parent
2dbdf0185a
commit
3fee51f737
@ -133,8 +133,16 @@ in
|
|||||||
|
|
||||||
systemd.services.syncthing = mkIf (cfg.cert != null || cfg.key != null) {
|
systemd.services.syncthing = mkIf (cfg.cert != null || cfg.key != null) {
|
||||||
preStart = ''
|
preStart = ''
|
||||||
${optionalString (cfg.cert != null) "cp ${toString cfg.cert} ${config.services.syncthing.dataDir}/cert.pem"}
|
${optionalString (cfg.cert != null) ''
|
||||||
${optionalString (cfg.key != null) "cp ${toString cfg.key} ${config.services.syncthing.dataDir}/key.pem"}
|
cp ${toString cfg.cert} ${config.services.syncthing.dataDir}/cert.pem
|
||||||
|
chown ${config.services.syncthing.user}:${config.services.syncthing.group} ${config.services.syncthing.dataDir}/cert.pem
|
||||||
|
chmod 400 ${config.services.syncthing.dataDir}/cert.pem
|
||||||
|
''}
|
||||||
|
${optionalString (cfg.key != null) ''
|
||||||
|
cp ${toString cfg.key} ${config.services.syncthing.dataDir}/key.pem
|
||||||
|
chown ${config.services.syncthing.user}:${config.services.syncthing.group} ${config.services.syncthing.dataDir}/key.pem
|
||||||
|
chmod 400 ${config.services.syncthing.dataDir}/key.pem
|
||||||
|
''}
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user