fix pods creation and folder management

2023-06-27 23:09:36 +03:00 · 2023-06-27 23:09:36 +03:00 · 443a9c394a
commit 443a9c394a
parent fc7349aa48
5 changed files with 19 additions and 14 deletions
--- a/profiles/servers/authentik.nix
+++ b/profiles/servers/authentik.nix
@ -82,16 +82,17 @@ in {
    };
  };

+  systemd.tmpfiles.rules = [
+    "d ${data-dir}/db 0700 70 root -"
+    "d ${data-dir}/redis 0755 dhcpcd root -"
+    "d ${data-dir}/media 0755 ${owner} ${owner} -"
+    "d ${data-dir}/certs 0755 ${owner} ${owner} -"
+    "d ${data-dir}/custom-templates 0755 ${owner} ${owner} -"
+  ];
+
  systemd.services."podman-create-${pod-name}" = let
    portsMapping = lib.concatMapStrings (port: " -p " + port) open-ports;
    start = pkgs.writeShellScript "create-pod" ''
-      if [[ ! -d "${data-dir}" ]]; then
-        mkdir -p "${data-dir}/db"
-        mkdir -p "${data-dir}/redis"
-        mkdir -p "${data-dir}/media" && chown ${owner}:${owner} "${data-dir}/media"
-        mkdir -p "${data-dir}/certs" && chown ${owner}:${owner} "${data-dir}/certs"
-        mkdir -p "${data-dir}/custom-templates" && chown ${owner}:${owner} "${data-dir}/custom-templates"
-      fi
      podman pod exists ${pod-name} || podman pod create -n ${pod-name} ${portsMapping}
    '';
    stop = "podman pod rm -i -f ${pod-name}";
@ -104,7 +105,7 @@ in {
      "${backend}-authentik-worker.service"
      "${backend}-authentik-ldap.service"
    ];
-    wantedBy = before;
+    requiredBy = before;
    partOf = before;
    serviceConfig = {
      Type = "oneshot";
--- a/profiles/servers/gitea.nix
+++ b/profiles/servers/gitea.nix
@ -108,7 +108,7 @@ in {
    older-than = "3"; # in days
  in rec {
    before = [ "gitea-dump.service" ];
-    wantedBy = before;
+    requiredBy = before;
    script = ''
      ${pkgs.findutils}/bin/find ${config.services.gitea.dump.backupDir} \
        -mindepth 1 -type f -mtime +${older-than} -delete
--- a/profiles/servers/joplin-server.nix
+++ b/profiles/servers/joplin-server.nix
@ -32,18 +32,22 @@ in {
      volumes = [ "${joplin-db-data}:/var/lib/postgresql/data" ];
    };
  };
+
+  systemd.tmpfiles.rules = [
+    "d ${joplin-data} 0755 ${joplin-uid} ${joplin-uid} -"
+    "d ${joplin-db-data} 0700 dhcpcd dhcpcd -"
+  ];
+
  systemd.services."podman-create-${pod-name}" = let
    portsMapping = lib.concatMapStrings (port: " -p " + port) open-ports;
    start = pkgs.writeShellScript "create-pod" ''
-      mkdir -p ${joplin-data} && chown ${joplin-uid} ${joplin-data}
-      mkdir -p ${joplin-db-data}
      podman pod exists ${pod-name} || podman pod create -n ${pod-name} ${portsMapping}
    '';
    stop = "podman pod rm -i -f ${pod-name}";
  in rec {
    path = [ pkgs.coreutils config.virtualisation.podman.package ];
    before = [ "${backend}-joplin.service" "${backend}-joplin-db.service" ];
-    wantedBy = before;
+    requiredBy = before;
    serviceConfig = {
      Type = "oneshot";
      RemainAfterExit = "yes";
--- a/profiles/servers/media-stack/default.nix
+++ b/profiles/servers/media-stack/default.nix
@ -43,7 +43,7 @@ in {
      "${backend}-recyclarr.service"
      "${backend}-sonarr.service"
    ];
-    wantedBy = before;
+    requiredBy = before;
    partOf = before;
    serviceConfig = {
      Type = "oneshot";
--- a/profiles/servers/seafile.nix
+++ b/profiles/servers/seafile.nix
@ -139,7 +139,7 @@ in {
      "${backend}-memcached.service"
      "${backend}-seafile-caddy.service"
    ];
-    wantedBy = before;
+    requiredBy = before;
    partOf = before;
    serviceConfig = {
      Type = "oneshot";