mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-28 18:03:04 +00:00
nixos/chrony: move to StateDirectory and tmpfiles.d
This commit is contained in:
parent
98906dfdef
commit
f25a301a0a
@ -92,6 +92,11 @@ in
|
||||
|
||||
systemd.services.systemd-timedated.environment = { SYSTEMD_TIMEDATED_NTP_SERVICES = "chronyd.service"; };
|
||||
|
||||
systemd.tmpfiles.rules = [
|
||||
"d ${stateDir} 0755 chrony chrony - -"
|
||||
"f ${keyFile} 0640 chrony chrony -"
|
||||
];
|
||||
|
||||
systemd.services.chronyd =
|
||||
{ description = "chrony NTP daemon";
|
||||
|
||||
@ -103,13 +108,6 @@ in
|
||||
|
||||
path = [ pkgs.chrony ];
|
||||
|
||||
preStart = ''
|
||||
mkdir -m 0755 -p ${stateDir}
|
||||
touch ${keyFile}
|
||||
chmod 0640 ${keyFile}
|
||||
chown chrony:chrony ${stateDir} ${keyFile}
|
||||
'';
|
||||
|
||||
unitConfig.ConditionCapability = "CAP_SYS_TIME";
|
||||
serviceConfig =
|
||||
{ Type = "simple";
|
||||
@ -118,7 +116,7 @@ in
|
||||
ProtectHome = "yes";
|
||||
ProtectSystem = "full";
|
||||
PrivateTmp = "yes";
|
||||
|
||||
StateDirectory = "chrony";
|
||||
};
|
||||
|
||||
};
|
||||
|
Loading…
Reference in New Issue
Block a user