locale + crowdsec: pin timezone, declare static crowdsec user
Two failing services after the channel switch. automatic-timezoned has been polkit-blocked since well before the switch — replace with a static Europe/London timezone. Hosts that travel can override locally if needed. The vendored crowdsec module's setup unit chowns its config dir to the (DynamicUser-allocated) crowdsec user via an ExecStartPre+ hack. On stable's systemd the dynamic user isn't visible to chown via NSS at that point, so it fails with 'invalid user'. Declaring crowdsec as a static system user makes systemd use it (DynamicUser becomes a no-op) and the chown resolves cleanly. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
This commit is contained in:
parent
5e1780b4fe
commit
3819cb6820
2 changed files with 16 additions and 8 deletions
|
|
@ -2,14 +2,9 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
|
||||
{
|
||||
# Set your time zone.
|
||||
#time.timeZone = "Europe/London";
|
||||
services.automatic-timezoned.enable = true;
|
||||
services.geoclue2 = {
|
||||
enable = true;
|
||||
enableDemoAgent = lib.mkForce true;
|
||||
geoProviderUrl = "https://api.beacondb.net/v1/geolocate?key=geoclue";
|
||||
};
|
||||
# Static timezone — automatic-timezoned needs polkit rules to call timedate1
|
||||
# and was failing on every host. Override on the laptop if it ever moves.
|
||||
time.timeZone = "Europe/London";
|
||||
|
||||
# Select internationalisation properties.
|
||||
i18n.defaultLocale = "en_GB.UTF-8";
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue