fix(headscale): set group perms on socket

This commit is contained in:
matt1432 2023-12-20 22:01:29 -05:00
parent 42a168762f
commit 0a2dc94fdf

View file

@ -6,7 +6,6 @@
}: let }: let
headscale-flake = headscale.packages.${pkgs.system}.headscale; headscale-flake = headscale.packages.${pkgs.system}.headscale;
in { in {
# FIXME: no permissions
environment.systemPackages = [headscale-flake]; environment.systemPackages = [headscale-flake];
users.users.${config.vars.user}.extraGroups = ["headscale"]; users.users.${config.vars.user}.extraGroups = ["headscale"];
@ -24,6 +23,7 @@ in {
grpc_listen_addr = "0.0.0.0:50443"; grpc_listen_addr = "0.0.0.0:50443";
grpc_allow_insecure = false; grpc_allow_insecure = false;
disable_check_updates = true; disable_check_updates = true;
unix_socket_permission = "0770";
db_type = "sqlite3"; db_type = "sqlite3";
db_path = "/var/lib/headscale/db.sqlite"; db_path = "/var/lib/headscale/db.sqlite";