From 28379c3a5124758f8adf79f9d20e8d332c854eaf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= <sandro.jaeckel@sap.com>
Date: Fri, 3 Jun 2022 18:52:37 +0200
Subject: [PATCH 1/5] Revert "nixos/asf: set restrictive home permissions"

This reverts commit 16f28933e7f6b980a5a3c896aeb02f435db63a84.
---
 nixos/modules/services/games/asf.nix | 1 -
 1 file changed, 1 deletion(-)

diff --git a/nixos/modules/services/games/asf.nix b/nixos/modules/services/games/asf.nix
index 31a112d6c74..0660e373747 100644
--- a/nixos/modules/services/games/asf.nix
+++ b/nixos/modules/services/games/asf.nix
@@ -159,7 +159,6 @@ in
     users = {
       users.asf = {
         home = cfg.dataDir;
-        homeMode = "700";
         isSystemUser = true;
         group = "asf";
         description = "Archis-Steam-Farm service user";

From 4de6a81193c9c29cd03d34552991422d0e6ba051 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= <sandro.jaeckel@sap.com>
Date: Fri, 3 Jun 2022 18:27:10 +0200
Subject: [PATCH 2/5] nixos/asf: fix state directory permissions, for real

---
 nixos/modules/services/games/asf.nix | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/nixos/modules/services/games/asf.nix b/nixos/modules/services/games/asf.nix
index 0660e373747..3d876ec712f 100644
--- a/nixos/modules/services/games/asf.nix
+++ b/nixos/modules/services/games/asf.nix
@@ -173,7 +173,10 @@ in
         wantedBy = [ "multi-user.target" ];
 
         serviceConfig = mkMerge [
-          (mkIf (cfg.dataDir == "/var/lib/asf") { StateDirectory = "asf"; })
+          (mkIf (cfg.dataDir == "/var/lib/asf") {
+            StateDirectory = "asf";
+            StateDirectoryMode = "700";
+          })
           {
             User = "asf";
             Group = "asf";

From d8cd684b62053cb373c1ada9d41434fe737e6177 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= <sandro.jaeckel@sap.com>
Date: Fri, 3 Jun 2022 18:27:28 +0200
Subject: [PATCH 3/5] nixos/asf: restart when self restarting

---
 nixos/modules/services/games/asf.nix | 1 +
 1 file changed, 1 insertion(+)

diff --git a/nixos/modules/services/games/asf.nix b/nixos/modules/services/games/asf.nix
index 3d876ec712f..4eb24b704c7 100644
--- a/nixos/modules/services/games/asf.nix
+++ b/nixos/modules/services/games/asf.nix
@@ -183,6 +183,7 @@ in
             WorkingDirectory = cfg.dataDir;
             Type = "simple";
             ExecStart = "${cfg.package}/bin/ArchiSteamFarm --path ${cfg.dataDir} --process-required --no-restart --service --no-config-migrate";
+            Restart = "always";
 
             # mostly copied from the default systemd service
             PrivateTmp = true;

From 032f15e566ad9f68017c23db0f2b70345a19b74e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= <sandro.jaeckel@sap.com>
Date: Fri, 3 Jun 2022 18:29:34 +0200
Subject: [PATCH 4/5] nixos/asf: add me as maintainer

---
 nixos/modules/services/games/asf.nix | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nixos/modules/services/games/asf.nix b/nixos/modules/services/games/asf.nix
index 4eb24b704c7..86845fe3b55 100644
--- a/nixos/modules/services/games/asf.nix
+++ b/nixos/modules/services/games/asf.nix
@@ -246,6 +246,6 @@ in
 
   meta = {
     buildDocsInSandbox = false;
-    maintainers = with maintainers; [ lom ];
+    maintainers = with maintainers; [ lom SuperSandro2000 ];
   };
 }

From 0df7cba1b0ad4dc019a54aa2fec107a8ae5bf404 Mon Sep 17 00:00:00 2001
From: lom <legendofmiracles@protonmail.com>
Date: Fri, 3 Jun 2022 08:13:08 -0600
Subject: [PATCH 5/5] nixos/asf: ipcPasswordFile use nullOr

---
 nixos/modules/services/games/asf.nix | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/nixos/modules/services/games/asf.nix b/nixos/modules/services/games/asf.nix
index 86845fe3b55..ed1a5544d7a 100644
--- a/nixos/modules/services/games/asf.nix
+++ b/nixos/modules/services/games/asf.nix
@@ -13,7 +13,7 @@ let
     # is in theory not needed as this is already the default for default builds
     UpdateChannel = 0;
     Headless = true;
-  } // lib.optionalAttrs (cfg.ipcPasswordFile != "") {
+  } // lib.optionalAttrs (cfg.ipcPasswordFile != null) {
     IPCPassword = "#ipcPassword#";
   });
 
@@ -94,7 +94,8 @@ in
     };
 
     ipcPasswordFile = mkOption {
-      type = types.path;
+      type = types.nullOr types.path;
+      default = null;
       description = "Path to a file containig the password. The file must be readable by the <literal>asf</literal> user/group.";
     };
 
@@ -225,7 +226,10 @@ in
             mkdir -p config
 
             cp --no-preserve=mode ${asf-config} config/ASF.json
-            ${replaceSecretBin} '#ipcPassword#' '${cfg.ipcPasswordFile}' config/ASF.json
+
+            ${optionalString (cfg.ipcPasswordFile != null) ''
+              ${replaceSecretBin} '#ipcPassword#' '${cfg.ipcPasswordFile}' config/ASF.json
+            ''}
 
             ${optionalString (cfg.ipcSettings != {}) ''
               ln -fs ${ipc-config} config/IPC.config