rope/nixos
1
1
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix go2rtc: use RuntimeDirectory instead of mkdir /run/go2rtc

Browse source 
DynamicUser can't write to /run directly. RuntimeDirectory lets systemd
create and manage the directory.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
ediblerope 2026-04-07 20:51:22 +01:00
parent 595efbb25a
commit 6a2563f058
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
services/go2rtc.nix
View file

@ -12,7 +12,6 @@ let
injectSecrets = pkgs.writeShellScript "go2rtc-inject-secrets" '' injectSecrets = pkgs.writeShellScript "go2rtc-inject-secrets" ''
set -euo pipefail set -euo pipefail
SECRETS="/var/secrets/go2rtc-rtsp-url" SECRETS="/var/secrets/go2rtc-rtsp-url"
mkdir -p /run/go2rtc
if [ -f "$SECRETS" ]; then if [ -f "$SECRETS" ]; then
RTSP_URL=$(tr -d '\n' < "$SECRETS") RTSP_URL=$(tr -d '\n' < "$SECRETS")
${pkgs.gnused}/bin/sed "s|@RTSP_URL@|$RTSP_URL|g" ${configTemplate} > /run/go2rtc/config.yaml ${pkgs.gnused}/bin/sed "s|@RTSP_URL@|$RTSP_URL|g" ${configTemplate} > /run/go2rtc/config.yaml
@ -35,6 +34,7 @@ in
# Override to use runtime-templated config with secrets # Override to use runtime-templated config with secrets
systemd.services.go2rtc.serviceConfig = { systemd.services.go2rtc.serviceConfig = {
RuntimeDirectory = "go2rtc";
ExecStartPre = [ "!${injectSecrets}" ]; ExecStartPre = [ "!${injectSecrets}" ];
ExecStart = lib.mkForce "${config.services.go2rtc.package}/bin/go2rtc -config /run/go2rtc/config.yaml"; ExecStart = lib.mkForce "${config.services.go2rtc.package}/bin/go2rtc -config /run/go2rtc/config.yaml";
}; };