From f93fc0a691544cc3ddda322a7e99d0534d636dcc Mon Sep 17 00:00:00 2001
From: DanConwayDev <DanConwayDev@protonmail.com>
Date: Tue, 20 Jan 2026 07:43:02 +0000
Subject: fix(nix): auto-create data directories with ExecStartPre

Add ExecStartPre directives to ensure data directories exist before
service starts. This fixes service failures when using custom dataDir
paths that don't exist yet.

The tmpfiles.rules weren't automatically executed during nixos-rebuild
switch, causing 'status=226/NAMESPACE' errors. ExecStartPre runs as
root (+ prefix) to create directories with proper ownership/permissions.
---
 nix/module.nix | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

(limited to 'nix')

diff --git a/nix/module.nix b/nix/module.nix
index 5debc9e..40bc868 100644
--- a/nix/module.nix
+++ b/nix/module.nix
@@ -326,6 +326,20 @@ let
       # Working directory where .relay-owner.nsec will be created if needed
       WorkingDirectory = cfg.dataDir;
 
+      # Ensure data directories exist before service starts
+      # The + prefix runs these commands as root
+      # This is necessary because tmpfiles.rules aren't automatically executed
+      # during nixos-rebuild switch, causing service failures with custom dataDirs
+      ExecStartPre = [
+        "+${pkgs.coreutils}/bin/mkdir -p '${cfg.dataDir}'"
+        "+${pkgs.coreutils}/bin/mkdir -p '${cfg.dataDir}/git'"
+        "+${pkgs.coreutils}/bin/mkdir -p '${cfg.dataDir}/relay'"
+        "+${pkgs.coreutils}/bin/chown -R ${cfg.user}:${cfg.group} '${cfg.dataDir}'"
+        "+${pkgs.coreutils}/bin/chmod 750 '${cfg.dataDir}'"
+        "+${pkgs.coreutils}/bin/chmod 750 '${cfg.dataDir}/git'"
+        "+${pkgs.coreutils}/bin/chmod 750 '${cfg.dataDir}/relay'"
+      ];
+
       # Add git, openssh, and coreutils to PATH for purgatory sync operations
       Environment =
         "PATH=${pkgs.git}/bin:${pkgs.openssh}/bin:${pkgs.coreutils}/bin";
@@ -373,7 +387,9 @@ let
       SystemCallErrorNumber = "EPERM";
     };
 
-    # Directory creation handled by systemd tmpfiles (see config section below)
+    # Directory creation handled by both ExecStartPre (above) and tmpfiles (below)
+    # ExecStartPre ensures directories exist at service start time
+    # tmpfiles provides boot-time setup and consistency
   };
 
   enabledInstances =
-- 
cgit v1.2.3