mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-25 00:12:56 +00:00
Merge pull request #135751 from zhaofengli/promtail-allow-positions-file
nixos/promtail: Allow write access to positions file if not in CacheDirectory
This commit is contained in:
commit
8b13843f4e
@ -7,6 +7,9 @@ let
|
||||
'';
|
||||
|
||||
allowSystemdJournal = cfg.configuration ? scrape_configs && lib.any (v: v ? journal) cfg.configuration.scrape_configs;
|
||||
|
||||
allowPositionsFile = !lib.hasPrefix "/var/cache/promtail" positionsFile;
|
||||
positionsFile = cfg.configuration.positions.filename;
|
||||
in {
|
||||
options.services.promtail = with types; {
|
||||
enable = mkEnableOption "the Promtail ingresser";
|
||||
@ -53,6 +56,7 @@ in {
|
||||
RestrictSUIDSGID = true;
|
||||
PrivateMounts = true;
|
||||
CacheDirectory = "promtail";
|
||||
ReadWritePaths = lib.optional allowPositionsFile (builtins.dirOf positionsFile);
|
||||
|
||||
User = "promtail";
|
||||
Group = "promtail";
|
||||
|
Loading…
Reference in New Issue
Block a user