1 files changed, 17 insertions, 1 deletions
diff --git a/nix/module.nix b/nix/module.nix
index 5debc9e..40bc868 100644
--- a/nix/module.nix
+++ b/nix/module.nix
@@ -326,6 +326,20 @@ let
      # Working directory where .relay-owner.nsec will be created if needed
      WorkingDirectory = cfg.dataDir;
+      # Ensure data directories exist before service starts
+      # The + prefix runs these commands as root
+      # This is necessary because tmpfiles.rules aren't automatically executed
+      # during nixos-rebuild switch, causing service failures with custom dataDirs
+      ExecStartPre = [
+        "+${pkgs.coreutils}/bin/mkdir -p '${cfg.dataDir}'"
+        "+${pkgs.coreutils}/bin/mkdir -p '${cfg.dataDir}/git'"
+        "+${pkgs.coreutils}/bin/mkdir -p '${cfg.dataDir}/relay'"
+        "+${pkgs.coreutils}/bin/chown -R ${cfg.user}:${cfg.group} '${cfg.dataDir}'"
+        "+${pkgs.coreutils}/bin/chmod 750 '${cfg.dataDir}'"
+        "+${pkgs.coreutils}/bin/chmod 750 '${cfg.dataDir}/git'"
+        "+${pkgs.coreutils}/bin/chmod 750 '${cfg.dataDir}/relay'"
+      ];
      # Add git, openssh, and coreutils to PATH for purgatory sync operations
      Environment =
        "PATH=${pkgs.git}/bin:${pkgs.openssh}/bin:${pkgs.coreutils}/bin";
@@ -373,7 +387,9 @@ let
      SystemCallErrorNumber = "EPERM";
    };
-    # Directory creation handled by systemd tmpfiles (see config section below)
+    # Directory creation handled by both ExecStartPre (above) and tmpfiles (below)
+    # ExecStartPre ensures directories exist at service start time
+    # tmpfiles provides boot-time setup and consistency
  };
  enabledInstances =

diff --git a/nix/module.nix b/nix/module.nix index 5debc9e..40bc868 100644 --- a/nix/module.nix +++ b/nix/module.nix
@@ -326,6 +326,20 @@ let
326	# Working directory where .relay-owner.nsec will be created if needed	326	# Working directory where .relay-owner.nsec will be created if needed
327	WorkingDirectory = cfg.dataDir;	327	WorkingDirectory = cfg.dataDir;
328		328
		329	# Ensure data directories exist before service starts
		330	# The + prefix runs these commands as root
		331	# This is necessary because tmpfiles.rules aren't automatically executed
		332	# during nixos-rebuild switch, causing service failures with custom dataDirs
		333	ExecStartPre = [
		334	"+${pkgs.coreutils}/bin/mkdir -p '${cfg.dataDir}'"
		335	"+${pkgs.coreutils}/bin/mkdir -p '${cfg.dataDir}/git'"
		336	"+${pkgs.coreutils}/bin/mkdir -p '${cfg.dataDir}/relay'"
		337	"+${pkgs.coreutils}/bin/chown -R ${cfg.user}:${cfg.group} '${cfg.dataDir}'"
		338	"+${pkgs.coreutils}/bin/chmod 750 '${cfg.dataDir}'"
		339	"+${pkgs.coreutils}/bin/chmod 750 '${cfg.dataDir}/git'"
		340	"+${pkgs.coreutils}/bin/chmod 750 '${cfg.dataDir}/relay'"
		341	];
		342
329	# Add git, openssh, and coreutils to PATH for purgatory sync operations	343	# Add git, openssh, and coreutils to PATH for purgatory sync operations
330	Environment =	344	Environment =
331	"PATH=${pkgs.git}/bin:${pkgs.openssh}/bin:${pkgs.coreutils}/bin";	345	"PATH=${pkgs.git}/bin:${pkgs.openssh}/bin:${pkgs.coreutils}/bin";
@@ -373,7 +387,9 @@ let
373	SystemCallErrorNumber = "EPERM";	387	SystemCallErrorNumber = "EPERM";
374	};	388	};
375		389
376	# Directory creation handled by systemd tmpfiles (see config section below)	390	# Directory creation handled by both ExecStartPre (above) and tmpfiles (below)
		391	# ExecStartPre ensures directories exist at service start time
		392	# tmpfiles provides boot-time setup and consistency
377	};	393	};
378		394
379	enabledInstances =	395	enabledInstances =