backups: backup NixOS uid, gid mappings

Now that service uid, gid mappings are included in the backups, along
with the service data dirs, we can remove 'chown -R' for
clightning and liquidd data dirs.

Note that we used 'chown -R' only for these two services, while this
approach would have been relevant for all services with data dirs.
This commit is contained in:
Erik Arvstedt 2021-08-15 11:28:48 +02:00
parent ee8b83681b
commit a8a8b9ce4d
No known key found for this signature in database
GPG Key ID: 33312B944DD97846
3 changed files with 2 additions and 2 deletions

View File

@ -21,6 +21,8 @@ let
${config.services.postgresqlBackup.location}/btcpaydb.sql.gz ${config.services.postgresqlBackup.location}/btcpaydb.sql.gz
${optionalString config.nix-bitcoin.generateSecrets "${config.nix-bitcoin.secretsDir}"} ${optionalString config.nix-bitcoin.generateSecrets "${config.nix-bitcoin.secretsDir}"}
/var/lib/tor /var/lib/tor
/var/lib/nixos
# Extra files # Extra files
${cfg.extraFiles} ${cfg.extraFiles}

View File

@ -111,7 +111,6 @@ in {
requires = [ "bitcoind.service" ]; requires = [ "bitcoind.service" ];
after = [ "bitcoind.service" ]; after = [ "bitcoind.service" ];
preStart = '' preStart = ''
chown -R '${cfg.user}:${cfg.group}' '${cfg.dataDir}'
# The RPC socket has to be removed otherwise we might have stale sockets # The RPC socket has to be removed otherwise we might have stale sockets
rm -f ${cfg.networkDir}/lightning-rpc rm -f ${cfg.networkDir}/lightning-rpc
install -m 640 ${configFile} '${cfg.dataDir}/config' install -m 640 ${configFile} '${cfg.dataDir}/config'

View File

@ -221,7 +221,6 @@ in {
after = [ "bitcoind.service" ]; after = [ "bitcoind.service" ];
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
preStart = '' preStart = ''
chown -R '${cfg.user}:${cfg.group}' '${cfg.dataDir}'
install -m 640 ${configFile} '${cfg.dataDir}/elements.conf' install -m 640 ${configFile} '${cfg.dataDir}/elements.conf'
{ {
echo "rpcpassword=$(cat ${secretsDir}/liquid-rpcpassword)" echo "rpcpassword=$(cat ${secretsDir}/liquid-rpcpassword)"