From 0cdcf4e6fbea0c9cbe22c088f638db7e96c9c944 Mon Sep 17 00:00:00 2001
From: Defelo <mail@defelo.de>
Date: Sun, 31 Aug 2025 18:03:31 +0200
Subject: [PATCH] nixos/glitchtip: fix sourcemap uploads

(cherry picked from commit 95968f2f73a77cad96bbab0c474b6c67a4133f11)
---
 nixos/modules/services/web-apps/glitchtip.nix | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/nixos/modules/services/web-apps/glitchtip.nix b/nixos/modules/services/web-apps/glitchtip.nix
index aaf949239388..0fa0e20bb445 100644
--- a/nixos/modules/services/web-apps/glitchtip.nix
+++ b/nixos/modules/services/web-apps/glitchtip.nix
@@ -189,6 +189,7 @@ in
           StateDirectory = "glitchtip";
           EnvironmentFile = cfg.environmentFiles;
           WorkingDirectory = "${pkg}/lib/glitchtip";
+          BindPaths = [ "/var/lib/glitchtip/uploads:${pkg}/lib/glitchtip/uploads" ];
 
           # hardening
           AmbientCapabilities = "";
@@ -220,6 +221,7 @@ in
             "@system-service"
             "~@privileged"
             "~@resources"
+            "@chown"
           ];
           UMask = "0077";
         };
@@ -271,7 +273,6 @@ in
 
     users.users = lib.mkIf (cfg.user == "glitchtip") {
       glitchtip = {
-        home = "/var/lib/glitchtip";
         group = cfg.group;
         extraGroups = lib.optionals cfg.redis.createLocally [ "redis-glitchtip" ];
         isSystemUser = true;
@@ -280,6 +281,8 @@ in
 
     users.groups = lib.mkIf (cfg.group == "glitchtip") { glitchtip = { }; };
 
+    systemd.tmpfiles.settings.glitchtip."/var/lib/glitchtip/uploads".d = { inherit (cfg) user group; };
+
     environment.systemPackages =
       let
         glitchtip-manage = pkgs.writeShellScriptBin "glitchtip-manage" ''