From f490ba26d02efd458d7bdfdcce37a5f5b62ce485 Mon Sep 17 00:00:00 2001
From: Jakob Lechner <mail@jalr.de>
Date: Sun, 20 Jul 2025 21:52:35 +0200
Subject: [PATCH] Fix RuntimeDirectoryMode

`config.json` inside the runtime directory contains secrets and should
therefore not be world-readable.
---
 nix/modules/fieldpoc.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nix/modules/fieldpoc.nix b/nix/modules/fieldpoc.nix
index bba2623..18adc52 100644
--- a/nix/modules/fieldpoc.nix
+++ b/nix/modules/fieldpoc.nix
@@ -41,7 +41,7 @@ in {
         User = "fieldpoc";
         Group = "fieldpoc";
         RuntimeDirectory = "fieldpoc";
-        RuntimeDirectoryMode = "0755";
+        RuntimeDirectoryMode = "0750";
         ConfigurationDirectory = "fieldpoc";
         StateDirectory = "fieldpoc";
         StateDirectoryMode = "0700";