syncthing: fix permissions of keys
This commit is contained in:
parent
2dbdf0185a
commit
3fee51f737
@ -133,8 +133,16 @@ in
|
||||
|
||||
systemd.services.syncthing = mkIf (cfg.cert != null || cfg.key != null) {
|
||||
preStart = ''
|
||||
${optionalString (cfg.cert != null) "cp ${toString cfg.cert} ${config.services.syncthing.dataDir}/cert.pem"}
|
||||
${optionalString (cfg.key != null) "cp ${toString cfg.key} ${config.services.syncthing.dataDir}/key.pem"}
|
||||
${optionalString (cfg.cert != null) ''
|
||||
cp ${toString cfg.cert} ${config.services.syncthing.dataDir}/cert.pem
|
||||
chown ${config.services.syncthing.user}:${config.services.syncthing.group} ${config.services.syncthing.dataDir}/cert.pem
|
||||
chmod 400 ${config.services.syncthing.dataDir}/cert.pem
|
||||
''}
|
||||
${optionalString (cfg.key != null) ''
|
||||
cp ${toString cfg.key} ${config.services.syncthing.dataDir}/key.pem
|
||||
chown ${config.services.syncthing.user}:${config.services.syncthing.group} ${config.services.syncthing.dataDir}/key.pem
|
||||
chmod 400 ${config.services.syncthing.dataDir}/key.pem
|
||||
''}
|
||||
'';
|
||||
};
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user