From 95bf85dce4a6e4a3da63a763e97a93cafa8734ba Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Torjus=20H=C3=A5kestad?= <torjus@usit.uio.no>
Date: Fri, 6 Feb 2026 23:27:07 +0100
Subject: [PATCH] fix: add writable state directory for flake collector

When running nix flake metadata, nix and git need writable cache
directories. System service users have home set to /var/empty which
is read-only, causing "cannot create directories" errors.

Add StateDirectory and set HOME/XDG_CACHE_HOME environment variables
to /var/lib/nixos-exporter when flake collector is enabled.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---
 module.nix | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/module.nix b/module.nix
index 5260c65..3167015 100644
--- a/module.nix
+++ b/module.nix
@@ -120,6 +120,13 @@ in
         RestrictSUIDSGID = true;
         MemoryDenyWriteExecute = true;
         LockPersonality = true;
+      } // lib.optionalAttrs cfg.flake.enable {
+        # nix and git need writable cache directories
+        StateDirectory = "nixos-exporter";
+        Environment = [
+          "HOME=/var/lib/nixos-exporter"
+          "XDG_CACHE_HOME=/var/lib/nixos-exporter/.cache"
+        ];
       };
     };