Skip to content

Commit

Permalink
Create directories with tmpfiles rules instead of in preStart
Browse files Browse the repository at this point in the history
  • Loading branch information
@RebeccaMahany
RebeccaMahany committed Jan 3, 2024
1 parent 5cdd613 commit cf1557a
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 12 deletions.
6 changes: 3 additions & 3 deletions flake.lock
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

15 changes: 6 additions & 9 deletions modules/kolide-launcher/default.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -56,15 +56,6 @@ in

path = with pkgs; [ patchelf ];

preStart = ''
mkdir -p ${cfg.rootDirectory}
if [ ! -d "${cfg.enrollSecretDirectory}" ]; then
mkdir -p ${cfg.enrollSecretDirectory}
echo -n 'secret' > ${cfg.enrollSecretDirectory}/secret
fi
'';

serviceConfig = {
Environment = "PATH=/run/wrappers/bin:/bin:/sbin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin";
ExecStart = ''
Expand All @@ -81,5 +72,11 @@ in
RestartSec = 3;
};
};

systemd.tmpfiles.rules = [
"d ${cfg.rootDirectory} 0755 - -"
"d ${cfg.enrollSecretDirectory} 0755 - -"
"z ${cfg.enrollSecretDirectory}/secret 0600 - -"
];
};
}

0 comments on commit cf1557a

Please sign in to comment.