From d42df7930310c6994b448bae7494745e42b83893 Mon Sep 17 00:00:00 2001
From: 514fpv <koishi@514fpv.one>
Date: Thu, 14 Mar 2024 17:40:56 +0800
Subject: [PATCH] fix(fs): ensure /var/lib/private mode

---
 global/fs/default.nix | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/global/fs/default.nix b/global/fs/default.nix
index 4805dc3e..0871b015 100644
--- a/global/fs/default.nix
+++ b/global/fs/default.nix
@@ -90,5 +90,10 @@ in {
       inherit (cfg.cryptsetup) allowDiscards bypassWorkqueues;
       device = "/dev/disk/by-uuid/${uuid}";
     }) cfg.cryptsetup.uuids);
+
+    environment.persistence."/nix/persist/fhs".files = [ {
+      file = "/var/lib/private/mode";
+      parentDirectory.mode = "0700";
+    } ];
   };
 }