From 1dc0df200488a4141cfccec56c9c49aec2e8f71c Mon Sep 17 00:00:00 2001
From: naturallaw77 <advbuwxeew@use.startmail.com>
Date: Wed, 25 Mar 2026 11:45:39 -0500
Subject: [PATCH] updated haven.nix

---
 modules/haven.nix | 21 ++++++++++++++++++++-
 1 file changed, 20 insertions(+), 1 deletion(-)

diff --git a/modules/haven.nix b/modules/haven.nix
index cc9891f..a00fa7f 100755
--- a/modules/haven.nix
+++ b/modules/haven.nix
@@ -104,9 +104,28 @@ lib.mkIf (config.sovran_systemsOS.features.haven && npub != "") {
 
   systemd.tmpfiles.rules = [
     "d /var/lib/haven 0750 haven haven -"
-    "f /var/lib/haven/whitelisted_npubs.json 0770 haven haven -"
   ];
 
+  systemd.services.haven-whitelist-setup = {
+    description = "Ensure Haven whitelisted_npubs.json exists";
+    wantedBy = [ "multi-user.target" ];
+    before = [ "haven.service" ];
+    serviceConfig = {
+      Type = "oneshot";
+      RemainAfterExit = true;
+    };
+    script = ''
+      if [ ! -f /var/lib/haven/whitelisted_npubs.json ]; then
+        echo '[]' > /var/lib/haven/whitelisted_npubs.json
+        chown haven:haven /var/lib/haven/whitelisted_npubs.json
+        chmod 770 /var/lib/haven/whitelisted_npubs.json
+      fi
+    '';
+  };
+
+  systemd.services.haven.after = [ "haven-whitelist-setup.service" ];
+  systemd.services.haven.wants = [ "haven-whitelist-setup.service" ];
+
   services.caddy.virtualHosts = {
     "${personalization.haven_url}" = {
       extraConfig = ''