ilyakooo0/nixpkgs
1
0
Fork 0
mirror of https://github.com/ilyakooo0/nixpkgs.git synced 2024-12-26 21:33:03 +03:00
Code Issues Projects Releases Wiki Activity

nixos/yggdrasil: add group option

Browse Source 
Allow users to access the Yggdrasil control socket by group.
This commit is contained in:
Emery Hemingway 2020-05-02 00:16:52 +05:30
parent d55c70e411
commit 0d49162aa0
1 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
nixos/modules/services/networking/yggdrasil.nix
View File

@ -83,6 +83,14 @@ in {
'';
};
group = mkOption {
type = types.str;
default = "root";
example = "wheel";
description =
"Group to grant acces to the Yggdrasil control socket.";
};
openMulticastPort = mkOption {
type = bool;
default = false;
@ -144,8 +152,9 @@ in {
ExecReload = "${pkgs.coreutils}/bin/kill -HUP $MAINPID";
Restart = "always";
Group = cfg.group;
RuntimeDirectory = "yggdrasil";
RuntimeDirectoryMode = "0700";
RuntimeDirectoryMode = "0750";
BindReadOnlyPaths = mkIf configFileProvided
[ "${cfg.configFile}" ];