From 746efadcce6ce729225c9a6e51f6721bc52ae340 Mon Sep 17 00:00:00 2001 From: Matt Votava Date: Thu, 19 Nov 2020 04:29:03 -0800 Subject: [PATCH] home-assistant: add allowlist_external_dirs to systemd unit ReadWritePaths --- nixos/modules/services/misc/home-assistant.nix | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/nixos/modules/services/misc/home-assistant.nix b/nixos/modules/services/misc/home-assistant.nix index 0477254e7c18..1f2e13f37325 100644 --- a/nixos/modules/services/misc/home-assistant.nix +++ b/nixos/modules/services/misc/home-assistant.nix @@ -245,7 +245,11 @@ in { Group = "hass"; Restart = "on-failure"; ProtectSystem = "strict"; - ReadWritePaths = "${cfg.configDir}"; + ReadWritePaths = let + cfgPath = [ "config" "homeassistant" "allowlist_external_dirs" ]; + value = attrByPath cfgPath [] cfg; + allowPaths = if isList value then value else singleton value; + in [ "${cfg.configDir}" ] ++ allowPaths; KillSignal = "SIGINT"; PrivateTmp = true; RemoveIPC = true;