mirror of
https://github.com/CHN-beta/nixos.git
synced 2024-10-23 19:28:58 +08:00
correct secrets permissions
This commit is contained in:
parent
647e9b4463
commit
682cf2766f
@ -306,9 +306,8 @@ inputs:
|
|||||||
{
|
{
|
||||||
templates."xray-client.json" =
|
templates."xray-client.json" =
|
||||||
{
|
{
|
||||||
mode = "0440";
|
owner = inputs.config.users.users.v2ray.name;
|
||||||
owner = "v2ray";
|
group = inputs.config.users.users.v2ray.group;
|
||||||
group = "v2ray";
|
|
||||||
content = builtins.toJSON
|
content = builtins.toJSON
|
||||||
{
|
{
|
||||||
log.loglevel = "info";
|
log.loglevel = "info";
|
||||||
@ -444,9 +443,8 @@ inputs:
|
|||||||
{
|
{
|
||||||
templates."xray-server.json" =
|
templates."xray-server.json" =
|
||||||
{
|
{
|
||||||
mode = "0440";
|
owner = inputs.config.users.users.v2ray.name;
|
||||||
owner = "v2ray";
|
group = inputs.config.users.users.v2ray.group;
|
||||||
group = "v2ray";
|
|
||||||
content = builtins.toJSON
|
content = builtins.toJSON
|
||||||
{
|
{
|
||||||
log.loglevel = "warning";
|
log.loglevel = "warning";
|
||||||
@ -552,7 +550,17 @@ inputs:
|
|||||||
};
|
};
|
||||||
};
|
};
|
||||||
secrets = listToAttrs (map (n: { name = "xray-server/clients/user${toString n}"; value = {}; }) userList)
|
secrets = listToAttrs (map (n: { name = "xray-server/clients/user${toString n}"; value = {}; }) userList)
|
||||||
// { "xray-server/telegram/token" = {}; "xray-server/telegram/chat" = {}; };
|
// (listToAttrs (map
|
||||||
|
(name:
|
||||||
|
{
|
||||||
|
name = "xray-server/telegram/${name}";
|
||||||
|
value =
|
||||||
|
{
|
||||||
|
owner = inputs.config.users.users.v2ray.name;
|
||||||
|
group = inputs.config.users.users.v2ray.group;
|
||||||
|
};
|
||||||
|
})
|
||||||
|
[ "token" "chat" ]));
|
||||||
};
|
};
|
||||||
systemd =
|
systemd =
|
||||||
{
|
{
|
||||||
@ -671,9 +679,8 @@ inputs:
|
|||||||
{
|
{
|
||||||
templates."frpc.ini" =
|
templates."frpc.ini" =
|
||||||
{
|
{
|
||||||
mode = "0440";
|
owner = inputs.config.users.users.frp.name;
|
||||||
owner = "frp";
|
group = inputs.config.users.users.frp.group;
|
||||||
group = "frp";
|
|
||||||
content = inputs.lib.generators.toINI {}
|
content = inputs.lib.generators.toINI {}
|
||||||
(
|
(
|
||||||
{
|
{
|
||||||
@ -735,9 +742,8 @@ inputs:
|
|||||||
{
|
{
|
||||||
templates."frps.ini" =
|
templates."frps.ini" =
|
||||||
{
|
{
|
||||||
mode = "0440";
|
owner = inputs.config.users.users.frp.name;
|
||||||
owner = "frp";
|
group = inputs.config.users.users.frp.group;
|
||||||
group = "frp";
|
|
||||||
content = inputs.lib.generators.toINI {}
|
content = inputs.lib.generators.toINI {}
|
||||||
{
|
{
|
||||||
common = let cert = inputs.config.security.acme.certs.${services.frpServer.serverName}.directory; in
|
common = let cert = inputs.config.security.acme.certs.${services.frpServer.serverName}.directory; in
|
||||||
|
Loading…
Reference in New Issue
Block a user