diff --git a/container/webserver/config/mosquitto.nix b/container/webserver/config/mosquitto.nix index ec49976..eec525e 100644 --- a/container/webserver/config/mosquitto.nix +++ b/container/webserver/config/mosquitto.nix @@ -2,10 +2,21 @@ let secret = import ../../../secret/container/webserver.nix; in { - environment.etc."container-webserver/mosquitto/mosquitto.conf".text = '' - listener 1883 - password_file /mosquitto/config/users.conf - ''; + environment.etc."container-webserver/mosquitto/mosquitto.conf" = { + text = '' + listener 1883 + password_file /mosquitto/config/users.conf + ''; - environment.etc."container-webserver/mosquitto/users.conf".text = secret.container.webserver.mosquitto.users; + mode = "0644"; + uid = 1883; + gid = 1883; + }; + + environment.etc."container-webserver/mosquitto/users.conf" = { + text = secret.container.webserver.mosquitto.users; + mode = "0644"; + uid = 1883; + gid = 1883; + }; } diff --git a/container/webserver/default.nix b/container/webserver/default.nix index 83c52c5..71c177e 100644 --- a/container/webserver/default.nix +++ b/container/webserver/default.nix @@ -29,6 +29,7 @@ in depends_on = [ "ipv6nat" ]; networks = [ "webserver" ]; ports = [ "1883:1883" ]; + user = "1883"; volumes = [ "/etc/container-webserver/mosquitto:/mosquitto/config:ro" ];