From a8a8b9ce4ded39043cf87c5647acaf8e2610a141 Mon Sep 17 00:00:00 2001 From: Erik Arvstedt Date: Sun, 15 Aug 2021 11:28:48 +0200 Subject: [PATCH] backups: backup NixOS uid, gid mappings Now that service uid, gid mappings are included in the backups, along with the service data dirs, we can remove 'chown -R' for clightning and liquidd data dirs. Note that we used 'chown -R' only for these two services, while this approach would have been relevant for all services with data dirs. --- modules/backups.nix | 2 ++ modules/clightning.nix | 1 - modules/liquid.nix | 1 - 3 files changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/backups.nix b/modules/backups.nix index 946f526..a7747c6 100644 --- a/modules/backups.nix +++ b/modules/backups.nix @@ -21,6 +21,8 @@ let ${config.services.postgresqlBackup.location}/btcpaydb.sql.gz ${optionalString config.nix-bitcoin.generateSecrets "${config.nix-bitcoin.secretsDir}"} /var/lib/tor + /var/lib/nixos + # Extra files ${cfg.extraFiles} diff --git a/modules/clightning.nix b/modules/clightning.nix index f415a30..93a3b5a 100644 --- a/modules/clightning.nix +++ b/modules/clightning.nix @@ -111,7 +111,6 @@ in { requires = [ "bitcoind.service" ]; after = [ "bitcoind.service" ]; preStart = '' - chown -R '${cfg.user}:${cfg.group}' '${cfg.dataDir}' # The RPC socket has to be removed otherwise we might have stale sockets rm -f ${cfg.networkDir}/lightning-rpc install -m 640 ${configFile} '${cfg.dataDir}/config' diff --git a/modules/liquid.nix b/modules/liquid.nix index 28f2e4f..7804ba0 100644 --- a/modules/liquid.nix +++ b/modules/liquid.nix @@ -221,7 +221,6 @@ in { after = [ "bitcoind.service" ]; wantedBy = [ "multi-user.target" ]; preStart = '' - chown -R '${cfg.user}:${cfg.group}' '${cfg.dataDir}' install -m 640 ${configFile} '${cfg.dataDir}/elements.conf' { echo "rpcpassword=$(cat ${secretsDir}/liquid-rpcpassword)"