From b48a64a1ef83f657c83e2109b4bdb89d377e2d1b Mon Sep 17 00:00:00 2001
From: Chaos <chaoticryptidz@owo.monster>
Date: Sat, 3 Dec 2022 15:58:03 +0000
Subject: [PATCH] change PreStartScript of piped to ensure correct file
 permissions

---
 hosts/hetzner-vm/modules/piped/backend.nix | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/hosts/hetzner-vm/modules/piped/backend.nix b/hosts/hetzner-vm/modules/piped/backend.nix
index cea451d..8c6aae4 100644
--- a/hosts/hetzner-vm/modules/piped/backend.nix
+++ b/hosts/hetzner-vm/modules/piped/backend.nix
@@ -54,14 +54,18 @@ in {
       wantedBy = [ "multi-user.target" ];
       serviceConfig = {
         WorkingDirectory = "/run/piped-backend";
-        ExecStartPre = "${pkgs.writeShellScript "piped-backend-init" ''
-          cp ${backend_config_file} /run/piped-backend/config.properties
+        ExecStartPre = let 
+          confFile = "/run/piped-backend/config.properties";
+        in "${pkgs.writeShellScript "piped-backend-init" ''
+          [ -f "${confFile}" ] && rm ${confFile}
+          cp ${backend_config_file} ${confFile}
+          chmod 660 ${confFile}
           ${if (cfg.enableCaptcha && cfg.captchaAPIKeyFile != "") then ''
-            sed -i "s/CAPTCHA_API_KEY_FILE/$(cat cfg.captchaAPIKeyFile | sed "s#/#\\\/#")/" /run/piped-backend/config.properties 
+            sed -i "s/CAPTCHA_API_KEY_FILE/$(cat cfg.captchaAPIKeyFile | sed "s#/#\\\/#")/" ${confFile}
           '' else
             ""}
           ${if (cfg.enableFederation && cfg.matrixTokenFile != "") then ''
-            sed -i "s/MATRIX_TOKEN_FILE/$(cat cfg.matrixTokenFile | sed "s#/#\\\/#")/" /run/piped-backend/config.properties
+            sed -i "s/MATRIX_TOKEN_FILE/$(cat cfg.matrixTokenFile | sed "s#/#\\\/#")/" ${confFile}
           '' else
             ""}
         ''}";