patch pixelfed to give nginx read permissions
this way we don't need DANGEROUSLY_SET_FILESYSTEM_DRIVER
This commit is contained in:
parent
e7ffd94c5e
commit
1d8f514240
18
pixelfed-group-permissions.patch
Normal file
18
pixelfed-group-permissions.patch
Normal file
|
@ -0,0 +1,18 @@
|
||||||
|
diff --git a/config/filesystems.php b/config/filesystems.php
|
||||||
|
index 00254e93..fc1a58f3 100644
|
||||||
|
--- a/config/filesystems.php
|
||||||
|
+++ b/config/filesystems.php
|
||||||
|
@@ -49,11 +49,11 @@ return [
|
||||||
|
'permissions' => [
|
||||||
|
'file' => [
|
||||||
|
'public' => 0644,
|
||||||
|
- 'private' => 0600,
|
||||||
|
+ 'private' => 0640,
|
||||||
|
],
|
||||||
|
'dir' => [
|
||||||
|
'public' => 0755,
|
||||||
|
- 'private' => 0700,
|
||||||
|
+ 'private' => 0750,
|
||||||
|
],
|
||||||
|
],
|
||||||
|
],
|
|
@ -36,7 +36,7 @@ in
|
||||||
|
|
||||||
# TODO: factor these out so we're only defining e.g. s3.garage.localhost and port 3900 in one place
|
# TODO: factor these out so we're only defining e.g. s3.garage.localhost and port 3900 in one place
|
||||||
services.pixelfed.settings = {
|
services.pixelfed.settings = {
|
||||||
DANGEROUSLY_SET_FILESYSTEM_DRIVER = "s3";
|
# DANGEROUSLY_SET_FILESYSTEM_DRIVER = "s3";
|
||||||
FILESYSTEM_CLOUD = "s3";
|
FILESYSTEM_CLOUD = "s3";
|
||||||
PF_ENABLE_CLOUD = true;
|
PF_ENABLE_CLOUD = true;
|
||||||
AWS_ACCESS_KEY_ID = snakeoil_key.id;
|
AWS_ACCESS_KEY_ID = snakeoil_key.id;
|
||||||
|
@ -53,4 +53,8 @@ in
|
||||||
systemd.services.pixelfed-data-setup = {
|
systemd.services.pixelfed-data-setup = {
|
||||||
after = [ "ensure-garage.service" ];
|
after = [ "ensure-garage.service" ];
|
||||||
};
|
};
|
||||||
|
|
||||||
|
services.pixelfed.package = pkgs.pixelfed.overrideAttrs (old: {
|
||||||
|
patches = (old.patches or [ ]) ++ [ ./pixelfed-group-permissions.patch ];
|
||||||
|
});
|
||||||
}
|
}
|
||||||
|
|
Reference in a new issue