numbus/numbus-server
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix permissions for podman networks creation

Browse Source
This commit is contained in:
Raphaël Numbus
2026-01-09 11:38:33 +01:00
parent 18bd5f00ad
commit 9c3f6c410d
2 changed files with 28 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files
templates/nix-config/misc/activation.nix
+27 -9
View File
@@ -1,16 +1,16 @@
{ config, pkgs, ... }: { config, pkgs, ... }:
{ {
systemd.services.numbus-activation = { systemd.services.numbus-activation-chowned = {
description = "Numbus Server Activation"; description = "Numbus-Server activation : Correct permissions";
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" "traefik.service" ];
after = [ "network.target" "local-fs.target" ]; after = [ "network.target" "local-fs.target" ];
serviceConfig = { serviceConfig = {
Type = "oneshot"; Type = "oneshot";
RemainAfterExit = true; RemainAfterExit = true;
}; };
script = '' script = ''
if [[ -e /etc/numbus-server/activated.true ]]; then if [[ -e /home/numbus-admin/.numbus-server/chowned.true ]]; then
exit 0 exit 0
fi fi
@@ -18,12 +18,30 @@
${pkgs.coreutils}/bin/chown -R numbus-admin:users /mnt/config/ ${pkgs.coreutils}/bin/chown -R numbus-admin:users /mnt/config/
${pkgs.coreutils}/bin/chown -R numbus-admin:users /mnt/data/ ${pkgs.coreutils}/bin/chown -R numbus-admin:users /mnt/data/
${pkgs.util-linux}/bin/runuser -u numbus-admin -- ${pkgs.bash}/bin/bash -c ' ${pkgs.coreutils}/bin/mkdir -p /home/numbus-admin/.numbus-server/
export XDG_RUNTIME_DIR=/run/user/1000 ${pkgs.coreutils}/bin/touch /home/numbus-admin/.numbus-server/chowned.true
PODMAN_NETWORKS '';
' };
${pkgs.coreutils}/bin/touch /etc/numbus-server/activated.true systemd.services.numbus-activation-networked = {
description = "Numbus-Server activation : Create podman networks";
wantedBy = [ "multi-user.target" "traefik.service" ];
after = [ "network.target" "local-fs.target" ];
serviceConfig = {
User = "numbus-admin";
Environment = [ "XDG_RUNTIME_DIR=/run/user/1000" ];
Type = "oneshot";
RemainAfterExit = true;
};
script = ''
if [[ -e /home/numbus-admin/.numbus-server/networked.true ]]; then
exit 0
fi
PODMAN_NETWORKS
${pkgs.coreutils}/bin/mkdir -p /home/numbus-admin/.numbus-server/
${pkgs.coreutils}/bin/touch /home/numbus-admin/.numbus-server/networked.true
''; '';
}; };
} }
templates/nix-config/podman/traefik.nix
+1 -1
View File
@@ -44,7 +44,7 @@ TRAEFIK_REF_NETWORKS
systemd.services.traefik = { systemd.services.traefik = {
description = "Podman container : ${container_name}"; description = "Podman container : ${container_name}";
after = [ "network.target" "numbus-activation.service" ]; after = [ "network.target" "numbus-activation-networked.service" "numbus-activation-chowned.service" ];
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
serviceConfig = { serviceConfig = {