nixos/geoipupdate: Create database directory in a separate unit

The database directory needs to be created before the geoipupdate.service unit is activated; otherwise, systemd will not be able to set up the mount namespacing to grant the service read-write access.
3 years ago · ba4d2bd03c
parent 7cf55d1f4e
commit ba4d2bd03c
1 changed files with 14 additions and 3 deletions
--- a/nixos/modules/services/misc/geoipupdate.nix
+++ b/nixos/modules/services/misc/geoipupdate.nix
@ -99,9 +99,22 @@ in
      LockFile = "/run/geoipupdate/.lock";
    };

+    systemd.services.geoipupdate-create-db-dir = {
+      serviceConfig.Type = "oneshot";
+      script = ''
+        mkdir -p ${cfg.settings.DatabaseDirectory}
+        chmod 0755 ${cfg.settings.DatabaseDirectory}
+      '';
+    };
+
    systemd.services.geoipupdate = {
      description = "GeoIP Updater";
-      after = [ "network-online.target" "nss-lookup.target" ];
+      requires = [ "geoipupdate-create-db-dir.service" ];
+      after = [
+        "geoipupdate-create-db-dir.service"
+        "network-online.target"
+        "nss-lookup.target"
+      ];
      wants = [ "network-online.target" ];
      startAt = cfg.interval;
      serviceConfig = {
@ -122,8 +135,6 @@ in
            geoipupdateConf = pkgs.writeText "geoipupdate.conf" (geoipupdateKeyValue cfg.settings);

            script = ''
-              mkdir -p "${cfg.settings.DatabaseDirectory}"
-              chmod 755 "${cfg.settings.DatabaseDirectory}"
              chown geoip "${cfg.settings.DatabaseDirectory}"

              cp ${geoipupdateConf} /run/geoipupdate/GeoIP.conf