Updated activation script. Updated logic.

templates/nix-config/misc/activation.nix

@@ -1,11 +1,11 @@
 { config, pkgs, ... }:
 
 {
-  systemd.services.numbus-activation-chowned = {
+  systemd.services.numbus-activation = {
     description = "Numbus-Server activation : Correct permissions";
     wantedBy = [ "multi-user.target" "traefik.service" ];
     after = [ "network.target" "local-fs.target" ];
-    path = [ pkgs.coreutils ];
+    path = [ pkgs.coreutils pkgs.podman pkgs.sudo ];
     serviceConfig = {
       Type = "oneshot";
       RemainAfterExit = true;
@@ -13,7 +13,7 @@
     script = ''
       #!/usr/bin/env bash
 
-      if [[ -e /home/numbus-admin/.numbus-server/chowned.true ]]; then
+      if [[ -e /home/numbus-admin/.numbus-server/activated.true ]]; then
         exit 0
       fi
 
@@ -22,32 +22,12 @@
       chown -R numbus-admin:users /mnt/config/
       chown -R numbus-admin:users /mnt/data/
       chown -R 100032:users /mnt/data/nextcloud/
-      chown -R numbus-admin:users /home/numbus-admin/.numbus-server/
-
-      touch /home/numbus-admin/.numbus-server/chowned.true
-    '';
-  };
-
-  systemd.services.numbus-activation-networked = {
-    description = "Numbus-Server activation : Create podman networks";
-    wantedBy = [ "multi-user.target" "traefik.service" ];
-    before = [ "traefik.service" ];
-    after = [ "network.target" "local-fs.target" "numbus-activation-chowned.service" ];
-    path = [ pkgs.podman pkgs.coreutils ];
-    serviceConfig = {
-      User = "numbus-admin";
-      Environment = [ "XDG_RUNTIME_DIR=/run/user/1000" ];
-      Type = "oneshot";
-      RemainAfterExit = true;
-    };
-    script = ''
-      #!/usr/bin/env bash
-
-      export PATH=$PATH:/run/wrappers/bin
 
 PODMAN_NETWORKS
+
       mkdir -p /home/numbus-admin/.numbus-server/
-      touch /home/numbus-admin/.numbus-server/networked.true
+      touch /home/numbus-admin/.numbus-server/activated.true
+      chown -R numbus-admin:users /home/numbus-admin/.numbus-server/
     '';
   };
 
@@ -62,7 +42,7 @@ PODMAN_NETWORKS
       "pi-hole.service"
       "home-assistant.service"
     ];
-    path = [ pkgs.curl pkgs.coreutils pkgs.systemd pkgs.podman ];
+    path = [ pkgs.curl pkgs.coreutils pkgs.systemd pkgs.podman pkgs.sudo ];
     serviceConfig = {
       Type = "oneshot";
       RemainAfterExit = true;
@@ -79,12 +59,13 @@ PODMAN_NETWORKS
 
       if [[ -e /etc/nixos/podman/pi-hole.nix ]]; then
         mkdir -p /mnt/config/pi-hole/
+        chown -R numbus-admin:users /mnt/config/pi-hole/
         until [[ -e /mnt/config/pi-hole/pihole-FTL.db ]]; do
           echo "Waiting for Pi-hole to be ready..."
           sleep 15
         done
         sleep 60
-        podman exec pi-hole pihole -g
+        sudo -u numbus-admin podman exec pi-hole pihole -g
         sleep 60
         systemctl restart pi-hole.service
         echo "Pi-Hole quirk applied and service ready !"
@@ -92,6 +73,7 @@ PODMAN_NETWORKS
 
       if [[ -e /etc/nixos/podman/home-assistant.nix ]]; then
         mkdir -p /mnt/config/home-assistant/
+        chown -R numbus-admin:users /mnt/config/home-assistant/
         until [[ -e /mnt/config/home-assistant/configuration.yaml ]]; do
           echo "Waiting for Home Assistant to be ready..."
           sleep 15
@@ -112,6 +94,7 @@ EOF
 
       if [[ -e /etc/nixos/podman/frigate.nix ]]; then
         mkdir -p /mnt/config/frigate/
+        chown -R numbus-admin:users /mnt/config/frigate/
         until [[ -e /mnt/config/frigate/config.yaml ]]; do
           echo "Waiting for Frigate to be ready..."
           sleep 15
@@ -129,6 +112,7 @@ EOF
   
       mkdir -p /home/numbus-admin/.numbus-server/
       touch /home/numbus-admin/.numbus-server/quirked.true
+      chown -R numbus-admin:users /home/numbus-admin/.numbus-server/
     '';
   };
 }