matrix: fix synapse/signal permissions
This commit is contained in:
parent
9202345beb
commit
6967c331e2
|
@ -9,6 +9,9 @@
|
||||||
./signal.nix
|
./signal.nix
|
||||||
];
|
];
|
||||||
|
|
||||||
|
# allow synapse to read the registration files of its appservices
|
||||||
|
users.users.matrix-synapse.extraGroups = [ "mautrix-signal" ];
|
||||||
|
|
||||||
sane.persist.sys.plaintext = [
|
sane.persist.sys.plaintext = [
|
||||||
{ user = "matrix-synapse"; group = "matrix-synapse"; directory = "/var/lib/matrix-synapse"; }
|
{ user = "matrix-synapse"; group = "matrix-synapse"; directory = "/var/lib/matrix-synapse"; }
|
||||||
];
|
];
|
||||||
|
|
|
@ -43,6 +43,7 @@
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
|
# TODO: should use a dedicated user
|
||||||
systemd.services.mx-puppet-discord.serviceConfig = {
|
systemd.services.mx-puppet-discord.serviceConfig = {
|
||||||
# fix up to not use /var/lib/private, but just /var/lib
|
# fix up to not use /var/lib/private, but just /var/lib
|
||||||
DynamicUser = lib.mkForce false;
|
DynamicUser = lib.mkForce false;
|
||||||
|
|
Loading…
Reference in New Issue
Block a user