module: support additional properties in "ak"
This changes the "ak" script to contain all properties from the authentik.service unit except the Exec* and Restart* properties. This allows the script to work when the user has added additional properties to the unit (e.g. the `SupplementaryGroups` property to connect to Redis over a Unix socket).
This commit is contained in:
Quentin Smith
parent
1361d269fe
commit
940f49870b
1 changed files with 10 additions and 6 deletions
16
module.nix
16
module.nix
|
|
@ -196,13 +196,17 @@ in
|
||||||
# `systemd-run(1)` in order to spin up an environment with correct (dynamic) user,
|
# `systemd-run(1)` in order to spin up an environment with correct (dynamic) user,
|
||||||
# state directory and environment to run `ak` inside.
|
# state directory and environment to run `ak` inside.
|
||||||
(k: vs: map (v: "--property ${k}=${if isBool v then boolToString v else toString v}") (toList vs))
|
(k: vs: map (v: "--property ${k}=${if isBool v then boolToString v else toString v}") (toList vs))
|
||||||
# Read serviceDefaults from `authentik.service`. That way, module system primitives (mk*)
|
# Read properties from `authentik.service`. That way, users can customize the properties using
|
||||||
# can be used inside `serviceDefaults` and it doesn't need to be evaluated here again.
|
# module system primitives and the like.
|
||||||
(
|
(
|
||||||
getAttrs (attrNames serviceDefaults) config.systemd.services.authentik.serviceConfig
|
removeAttrs config.systemd.services.authentik.serviceConfig [
|
||||||
// {
|
"ExecStart"
|
||||||
StateDirectory = "authentik";
|
"ExecStartPre"
|
||||||
}
|
"Restart"
|
||||||
|
"RestartSec"
|
||||||
|
# systemd-run doesn't expand the %S specifier, so this is passed separately below.
|
||||||
|
"WorkingDirectory"
|
||||||
|
]
|
||||||
)
|
)
|
||||||
);
|
);
|
||||||
in
|
in
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue