26 lines
679 B
Nix
26 lines
679 B
Nix
{
|
|
lib,
|
|
config,
|
|
...
|
|
}: let
|
|
workingDirectory = "/var/lib/private/crab-hole";
|
|
in {
|
|
config = lib.mkIf (config.services.crab-hole.enable && config.host.impermanence.enable) {
|
|
assertions = [
|
|
{
|
|
assertion =
|
|
config.systemd.services.crab-hole.serviceConfig.WorkingDirectory == (builtins.replaceStrings ["/private"] [""] workingDirectory);
|
|
message = "crab-hole working directory does not match persistence";
|
|
}
|
|
];
|
|
environment.persistence."/persist/system/root" = {
|
|
directories = [
|
|
{
|
|
directory = workingDirectory;
|
|
user = "crab-hole";
|
|
group = "crab-hole";
|
|
}
|
|
];
|
|
};
|
|
};
|
|
}
|