From f75c25fe6a920eb5bfd051975b0e45e9e05519ce Mon Sep 17 00:00:00 2001
From: Vitaly <v-zhuravlev@users.noreply.github.com>
Date: Fri, 10 Mar 2023 13:41:05 +0800
Subject: [PATCH] Add ReadWritePaths (#34)

---
 roles/grafana_agent/tasks/install/directories.yaml     | 2 +-
 roles/grafana_agent/templates/grafana-agent.service.j2 | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/roles/grafana_agent/tasks/install/directories.yaml b/roles/grafana_agent/tasks/install/directories.yaml
index 3453e6e..593f9ea 100644
--- a/roles/grafana_agent/tasks/install/directories.yaml
+++ b/roles/grafana_agent/tasks/install/directories.yaml
@@ -23,4 +23,4 @@
         state: directory
         owner: root
         group: "{{ grafana_agent_user_group }}"
-        mode: 0755
+        mode: 0775
diff --git a/roles/grafana_agent/templates/grafana-agent.service.j2 b/roles/grafana_agent/templates/grafana-agent.service.j2
index b6e1785..247c77e 100644
--- a/roles/grafana_agent/templates/grafana-agent.service.j2
+++ b/roles/grafana_agent/templates/grafana-agent.service.j2
@@ -11,7 +11,7 @@ After=local-fs.target
 Type=simple
 User={{ grafana_agent_user }}
 Group={{ grafana_agent_user_group }}
-WorkingDirectory={{ grafana_agent_config_dir }}
+WorkingDirectory={{ grafana_agent_data_dir }}
 EnvironmentFile={{ grafana_agent_config_dir }}/{{ grafana_agent_env_file}}
 
 ExecStart={{ grafana_agent_install_dir }}/{{ grafana_agent_binary }} \
@@ -39,6 +39,7 @@ ProtectKernelTunables=yes
 {% else %}
 ProtectSystem=full
 {% endif %}
+ReadWritePaths=/tmp {{ grafana_agent_data_dir }} {{ grafana_agent_positions_dir }} {{ grafana_agent_wal_dir }}
 
 [Install]
 WantedBy=multi-user.target