nixos-module/collectd: add execUser workaround

This commit is contained in:
Astro 2021-05-28 02:02:21 +02:00
parent 78e528d024
commit 762a9df69c
1 changed files with 7 additions and 2 deletions

View File

@ -13,6 +13,11 @@ let
customTypesDb = builtins.toFile "types.db" ''
stations value:GAUGE:0:U
'';
inherit (config.services.collectd) user;
execUser =
if user == "root"
then "nobody"
else user;
isUpstream =
builtins.match "upstream.*" hostName != null ||
builtins.match "anon.*" hostName != null;
@ -90,11 +95,11 @@ in
else maxTimeout
) 180 (builtins.attrNames config.site.net);
in ''
Exec "nobody" "${pkgs.ruby}/bin/ruby" "${./dhcpcount.rb}" "${toString maxTimeout}"
Exec "${execUser}" "${pkgs.ruby}/bin/ruby" "${./dhcpcount.rb}" "${toString maxTimeout}"
'';
}) (lib.optionalAttrs config.services.unbound.enable {
plugins.exec = ''
Exec "nobody" "${pkgs.ruby}/bin/ruby" "${./unbound.rb}"
Exec "${execUser}" "${pkgs.ruby}/bin/ruby" "${./unbound.rb}"
'';
}) (lib.optionalAttrs hasStarlink {
plugins.exec = ''