foodogsquared/nixos-config
1
0
Fork 0
mirror of https://github.com/foo-dogsquared/nixos-config.git synced 2025-01-31 10:58:02 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

nixos/services: add path assertions

Browse Source
This commit is contained in:
Gabriel Arazas 2022-07-05 22:17:43 +08:00
parent 342e1b11f1
commit d111304d71
2 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
modules/nixos/services/gallery-dl.nix
View File

@ -166,6 +166,10 @@ in {
SystemCallFilter = "@system-service"; SystemCallFilter = "@system-service";
SystemCallErrorNumber = "EPERM"; SystemCallErrorNumber = "EPERM";
}; };
unitConfig = {
AssertPathIsReadWrite = cfg.archivePath;
AssertPathIsDirectory = cfg.archivePath;
};
}) cfg.jobs; }) cfg.jobs;
}; };
} }

6
modules/nixos/services/yt-dlp.nix
View File

@ -111,6 +111,8 @@ in {
}; };
}; };
# There's no need to go to the working directory since yt-dlp has the
# `--paths` flag.
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
systemd.services = lib.mapAttrs' (name: value: systemd.services = lib.mapAttrs' (name: value:
lib.nameValuePair "yt-dlp-archive-service-${name}" { lib.nameValuePair "yt-dlp-archive-service-${name}" {
@ -142,6 +144,10 @@ in {
SystemCallFilter = "@system-service"; SystemCallFilter = "@system-service";
SystemCallErrorNumber = "EPERM"; SystemCallErrorNumber = "EPERM";
}; };
unitConfig = {
AssertPathIsReadWrite = cfg.archivePath;
AssertPathIsDirectory = cfg.archivePath;
};
}) cfg.jobs; }) cfg.jobs;
}; };
} }