nixos/chrony: move to StateDirectory and tmpfiles.d

This commit is contained in:
Florian Klink 2019-11-23 16:28:26 +01:00
parent 98906dfdef
commit f25a301a0a

View File

@ -92,6 +92,11 @@ in
systemd.services.systemd-timedated.environment = { SYSTEMD_TIMEDATED_NTP_SERVICES = "chronyd.service"; };
systemd.tmpfiles.rules = [
"d ${stateDir} 0755 chrony chrony - -"
"f ${keyFile} 0640 chrony chrony -"
];
systemd.services.chronyd =
{ description = "chrony NTP daemon";
@ -103,13 +108,6 @@ in
path = [ pkgs.chrony ];
preStart = ''
mkdir -m 0755 -p ${stateDir}
touch ${keyFile}
chmod 0640 ${keyFile}
chown chrony:chrony ${stateDir} ${keyFile}
'';
unitConfig.ConditionCapability = "CAP_SYS_TIME";
serviceConfig =
{ Type = "simple";
@ -118,7 +116,7 @@ in
ProtectHome = "yes";
ProtectSystem = "full";
PrivateTmp = "yes";
StateDirectory = "chrony";
};
};