From fd9611949fa9ebf9ac3f44c1b92d1d4a5b601caa Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gutyina=20Gerg=C5=91?= Date: Mon, 26 May 2025 23:53:08 +0200 Subject: [PATCH] nixos/pocket-id: refactor --- nixos/modules/services/security/pocket-id.nix | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/nixos/modules/services/security/pocket-id.nix b/nixos/modules/services/security/pocket-id.nix index c98c7e47023b..939f0d5762e9 100644 --- a/nixos/modules/services/security/pocket-id.nix +++ b/nixos/modules/services/security/pocket-id.nix @@ -7,13 +7,16 @@ let inherit (lib) + concatMap + concatStringsSep + getExe + maintainers mkEnableOption mkIf mkOption - optionalAttrs - optional mkPackageOption - concatMap + optional + optionalAttrs ; inherit (lib.types) bool @@ -28,7 +31,7 @@ let settingsFile = format.generate "pocket-id-env-vars" cfg.settings; in { - meta.maintainers = with lib.maintainers; [ + meta.maintainers = with maintainers; [ gepbird ymstnt ]; @@ -149,7 +152,7 @@ in User = cfg.user; Group = cfg.group; WorkingDirectory = cfg.dataDir; - ExecStart = "${cfg.package}/bin/pocket-id"; + ExecStart = getExe cfg.package; Restart = "always"; EnvironmentFile = [ cfg.environmentFile @@ -188,7 +191,7 @@ in RestrictRealtime = true; RestrictSUIDSGID = true; SystemCallArchitectures = "native"; - SystemCallFilter = lib.concatStringsSep " " [ + SystemCallFilter = concatStringsSep " " [ "~" "@clock" "@cpu-emulation"