chn/nixos
1
0
Fork 0
mirror of https://github.com/CHN-beta/nixos.git synced 2024-10-23 17:08:46 +08:00
Code Issues Packages Projects Releases Wiki Activity

correct secrets permissions

Browse Source
This commit is contained in:
陈浩南 2023-08-11 15:30:47 +08:00
parent 647e9b4463
commit 682cf2766f
1 changed files with 19 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
modules/services/default.nix
View File

@ -306,9 +306,8 @@ inputs:
{
templates."xray-client.json" =
{
mode = "0440";
owner = "v2ray";
group = "v2ray";
owner = inputs.config.users.users.v2ray.name;
group = inputs.config.users.users.v2ray.group;
content = builtins.toJSON
{
log.loglevel = "info";
@ -444,9 +443,8 @@ inputs:
{
templates."xray-server.json" =
{
mode = "0440";
owner = "v2ray";
group = "v2ray";
owner = inputs.config.users.users.v2ray.name;
group = inputs.config.users.users.v2ray.group;
content = builtins.toJSON
{
log.loglevel = "warning";
@ -552,7 +550,17 @@ inputs:
};
};
secrets = listToAttrs (map (n: { name = "xray-server/clients/user${toString n}"; value = {}; }) userList)
// { "xray-server/telegram/token" = {}; "xray-server/telegram/chat" = {}; };
// (listToAttrs (map
(name:
{
name = "xray-server/telegram/${name}";
value =
{
owner = inputs.config.users.users.v2ray.name;
group = inputs.config.users.users.v2ray.group;
};
})
[ "token" "chat" ]));
};
systemd =
{
@ -671,9 +679,8 @@ inputs:
{
templates."frpc.ini" =
{
mode = "0440";
owner = "frp";
group = "frp";
owner = inputs.config.users.users.frp.name;
group = inputs.config.users.users.frp.group;
content = inputs.lib.generators.toINI {}
(
{
@ -735,9 +742,8 @@ inputs:
{
templates."frps.ini" =
{
mode = "0440";
owner = "frp";
group = "frp";
owner = inputs.config.users.users.frp.name;
group = inputs.config.users.users.frp.group;
content = inputs.lib.generators.toINI {}
{
common = let cert = inputs.config.security.acme.certs.${services.frpServer.serverName}.directory; in