diff options
author | Julian Schacher <julian@jsts.xyz> | 2023-10-09 02:27:05 +0200 |
---|---|---|
committer | Julian Schacher <julian@jsts.xyz> | 2023-10-09 02:27:05 +0200 |
commit | 722e9df2fbcb8ad19a21677b426ef784a28d3ede (patch) | |
tree | 784c280650a124750db9f91ec89f1b35eeaff011 /nixos/modules/services/matrix | |
parent | 7ae736453eb02b0d7db3634e736bd0780e475094 (diff) |
nixos/matrix-synapse: add media_store_path to services ReadWritePaths
Currently, when setting a custom media_store_path, which lies outside of cfg.dataDir, the current ReadWritePaths make it so that Synapse can't access the media_store_path. So add the media_store_path to ReadWritePaths to fix that.
Diffstat (limited to 'nixos/modules/services/matrix')
-rw-r--r-- | nixos/modules/services/matrix/synapse.nix | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/nixos/modules/services/matrix/synapse.nix b/nixos/modules/services/matrix/synapse.nix index 1354a8cb58b42..34930a7ba69b3 100644 --- a/nixos/modules/services/matrix/synapse.nix +++ b/nixos/modules/services/matrix/synapse.nix @@ -1070,7 +1070,7 @@ in { ProtectKernelTunables = true; ProtectProc = "invisible"; ProtectSystem = "strict"; - ReadWritePaths = [ cfg.dataDir ]; + ReadWritePaths = [ cfg.dataDir cfg.settings.media_store_path ]; RemoveIPC = true; RestrictAddressFamilies = [ "AF_INET" "AF_INET6" "AF_UNIX" ]; RestrictNamespaces = true; |