qbt: fix file permissions
This commit is contained in:
@@ -19,7 +19,7 @@
|
||||
# 0770: group (media) needs write to delete files during upgrades —
|
||||
# Radarr/Sonarr must unlink the old file before placing the new one.
|
||||
"Z ${config.services.qbittorrent.serverConfig.Preferences.Downloads.SavePath} 0770 ${config.services.qbittorrent.user} ${service_configs.media_group}"
|
||||
"Z ${config.services.qbittorrent.serverConfig.Preferences.Downloads.TempPath} 0700 ${config.services.qbittorrent.user} ${config.services.qbittorrent.group}"
|
||||
"z ${config.services.qbittorrent.serverConfig.Preferences.Downloads.TempPath} 0700 ${config.services.qbittorrent.user} ${config.services.qbittorrent.group}"
|
||||
"Z ${config.services.qbittorrent.profileDir} 0700 ${config.services.qbittorrent.user} ${config.services.qbittorrent.group}"
|
||||
])
|
||||
];
|
||||
@@ -127,7 +127,13 @@
|
||||
};
|
||||
};
|
||||
|
||||
systemd.services.qbittorrent.serviceConfig.TimeoutStopSec = lib.mkForce 10;
|
||||
systemd.services.qbittorrent.serviceConfig = {
|
||||
TimeoutStopSec = lib.mkForce 10;
|
||||
# Default UMask=0022 creates files as 0644 (group read-only). With 0007,
|
||||
# new files get 0660/0770 so the media group has read+write immediately
|
||||
# instead of relying on the tmpfiles Z rule to fix permissions at restart.
|
||||
UMask = lib.mkForce "0007";
|
||||
};
|
||||
|
||||
services.caddy.virtualHosts."torrent.${service_configs.https.domain}".extraConfig = ''
|
||||
import ${config.age.secrets.caddy_auth.path}
|
||||
|
||||
Reference in New Issue
Block a user