From 6504f559c5d7698e83f203131469aa516dffa1d2 Mon Sep 17 00:00:00 2001
From: LavaDesu <me@lava.moe>
Date: Thu, 24 Feb 2022 13:16:07 +0700
Subject: [PATCH] services/unbound: create stateDir

---
 modules/services/unbound.nix | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/modules/services/unbound.nix b/modules/services/unbound.nix
index 4f135ff..6bbfffd 100644
--- a/modules/services/unbound.nix
+++ b/modules/services/unbound.nix
@@ -1,11 +1,18 @@
-{ inputs, ... }: {
+{ inputs, ... }:
+let
+  dir = "/persist/unbound";
+  uid = toString config.ids.uids.unbound;
+  gid = toString config.ids.gids.unbound;
+in {
   networking.firewall.interfaces.wlan0 = {
     allowedUDPPorts = [ 53 ];
     allowedTCPPorts = [ 53 ];
   };
+  systemd.tmpfiles.rules = [ "d ${dir} 700 ${uid} ${gid}" ];
+
   services.unbound = {
     enable = true;
-    stateDir = "/persist/unbound";
+    stateDir = dir;
     settings = {
       forward-zone = [{
         name = ".";