From 5bf87a1f8323711e2395a3829b68c2824acce480 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rapha=C3=ABl=20Numbus?= <admin@numbus.eu>
Date: Tue, 3 Mar 2026 22:04:58 +0100
Subject: [PATCH] Try to fix newuidmap exec not found

---
 modules/services/lib.nix | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/modules/services/lib.nix b/modules/services/lib.nix
index 9d66e82..4266dad 100644
--- a/modules/services/lib.nix
+++ b/modules/services/lib.nix
@@ -106,7 +106,7 @@ with lib;
           onFailure = [ "service-failure-notify@%n.service" ];
           startLimitBurst = 5;
           startLimitIntervalSec = 600;
-          path = [ pkgs.coreutils pkgs.podman pkgs.podman-compose ];
+          path = [ pkgs.podman pkgs.podman-compose pkgs.su pkgs.sudo pkgs.coreutils ];
           serviceConfig = {
             Type = "exec";
             User = "numbus-admin";
@@ -114,10 +114,10 @@ with lib;
             TimeoutStartSec = "1000";
             ExecStartPre = [
               "${pkgs.bash}/bin/bash -c 'sleep $((RANDOM % ${toString startDelay}))'"
-              "${pkgs.podman}/bin/podman compose -f /etc/podman/${name}/compose.yaml pull"
+              "${pkgs.bash}/bin/bash -c 'export PATH=/run/wrappers/bin:$PATH; exec ${pkgs.sudo}/bin/sudo -u numbus-admin podman-compose -f /etc/podman/${name}/compose.yaml pull'"
             ];
-            ExecStart = "${pkgs.podman}/bin/podman compose ${envFileArg} --in-pod ${toString pod} -f /etc/podman/${name}/compose.yaml up --remove-orphans";
-            ExecStop = "${pkgs.podman}/bin/podman compose ${envFileArg} --in-pod ${toString pod} -f /etc/podman/${name}/compose.yaml down";
+            ExecStart = "${pkgs.bash}/bin/bash -c 'export PATH=/run/wrappers/bin:$PATH; exec ${pkgs.sudo}/bin/sudo -u numbus-admin podman-compose ${envFileArg} --in-pod ${toString pod} -f /etc/podman/${name}/compose.yaml up --remove-orphans'";
+            ExecStop = "${pkgs.bash}/bin/bash -c 'export PATH=/run/wrappers/bin:$PATH; exec ${pkgs.sudo}/bin/sudo -u numbus-admin podman-compose ${envFileArg} --in-pod ${toString pod} -f /etc/podman/${name}/compose.yaml down'";
             Restart = "on-failure";
             RestartSec = "3m";
           };