mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-11-22 23:13:19 +00:00
nixos/modules: users.(extraUsers|extraGroup->users|group)
This commit is contained in:
parent
89d5d191b4
commit
fff5923686
@ -215,11 +215,11 @@ in
|
||||
);
|
||||
|
||||
users = mkIf cfg.daemon.enable {
|
||||
extraGroups.nslcd = {
|
||||
groups.nslcd = {
|
||||
gid = config.ids.gids.nslcd;
|
||||
};
|
||||
|
||||
extraUsers.nslcd = {
|
||||
users.nslcd = {
|
||||
uid = config.ids.uids.nslcd;
|
||||
description = "nslcd user.";
|
||||
group = "nslcd";
|
||||
|
@ -264,7 +264,7 @@ in {
|
||||
})
|
||||
|
||||
(mkIf systemWide {
|
||||
users.extraUsers.pulse = {
|
||||
users.users.pulse = {
|
||||
# For some reason, PulseAudio wants UID == GID.
|
||||
uid = assert uid == gid; uid;
|
||||
group = "pulse";
|
||||
@ -274,7 +274,7 @@ in {
|
||||
createHome = true;
|
||||
};
|
||||
|
||||
users.extraGroups.pulse.gid = gid;
|
||||
users.groups.pulse.gid = gid;
|
||||
|
||||
systemd.services.pulseaudio = {
|
||||
description = "PulseAudio System-Wide Server";
|
||||
|
@ -36,6 +36,6 @@ in
|
||||
{ inherit (cfg) group; }
|
||||
))
|
||||
];
|
||||
users.extraGroups."${cfg.group}" = {};
|
||||
users.groups."${cfg.group}" = {};
|
||||
};
|
||||
}
|
||||
|
@ -101,7 +101,7 @@ in {
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
users.extraGroups = mkIf isMLocate { mlocate = {}; };
|
||||
users.groups = mkIf isMLocate { mlocate = {}; };
|
||||
|
||||
security.wrappers = mkIf isMLocate {
|
||||
locate = {
|
||||
|
@ -3,7 +3,7 @@
|
||||
{
|
||||
imports = [ ./graphical.nix ];
|
||||
|
||||
users.extraUsers.demo =
|
||||
users.users.demo =
|
||||
{ isNormalUser = true;
|
||||
description = "Demo user account";
|
||||
extraGroups = [ "wheel" ];
|
||||
|
@ -14,7 +14,7 @@ with lib;
|
||||
description = ''
|
||||
Whether to configure system to use Android Debug Bridge (adb).
|
||||
To grant access to a user, it must be part of adbusers group:
|
||||
<code>users.extraUsers.alice.extraGroups = ["adbusers"];</code>
|
||||
<code>users.users.alice.extraGroups = ["adbusers"];</code>
|
||||
'';
|
||||
relatedPackages = [ ["androidenv" "platformTools"] ];
|
||||
};
|
||||
@ -25,6 +25,6 @@ with lib;
|
||||
config = mkIf config.programs.adb.enable {
|
||||
services.udev.packages = [ pkgs.android-udev-rules ];
|
||||
environment.systemPackages = [ pkgs.androidenv.platformTools ];
|
||||
users.extraGroups.adbusers = {};
|
||||
users.groups.adbusers = {};
|
||||
};
|
||||
}
|
||||
|
@ -15,7 +15,7 @@ with lib;
|
||||
Whether to configure system to use gphoto2.
|
||||
To grant digital camera access to a user, the user must
|
||||
be part of the camera group:
|
||||
<code>users.extraUsers.alice.extraGroups = ["camera"];</code>
|
||||
<code>users.users.alice.extraGroups = ["camera"];</code>
|
||||
'';
|
||||
};
|
||||
};
|
||||
@ -25,6 +25,6 @@ with lib;
|
||||
config = mkIf config.programs.gphoto2.enable {
|
||||
services.udev.packages = [ pkgs.libgphoto2 ];
|
||||
environment.systemPackages = [ pkgs.gphoto2 ];
|
||||
users.extraGroups.camera = {};
|
||||
users.groups.camera = {};
|
||||
};
|
||||
}
|
||||
|
@ -73,7 +73,7 @@ in {
|
||||
permissions = "u+rx,g+rx";
|
||||
};
|
||||
|
||||
users.extraGroups.sway = {};
|
||||
users.groups.sway = {};
|
||||
security.pam.services.swaylock = {};
|
||||
|
||||
hardware.opengl.enable = mkDefault true;
|
||||
|
@ -29,7 +29,7 @@ in {
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
environment.systemPackages = [ wireshark ];
|
||||
users.extraGroups.wireshark = {};
|
||||
users.groups.wireshark = {};
|
||||
|
||||
security.wrappers.dumpcap = {
|
||||
source = "${wireshark}/bin/dumpcap";
|
||||
|
@ -40,7 +40,7 @@ in
|
||||
target = "security/pam_mount.conf.xml";
|
||||
source =
|
||||
let
|
||||
extraUserVolumes = filterAttrs (n: u: u.cryptHomeLuks != null) config.users.extraUsers;
|
||||
extraUserVolumes = filterAttrs (n: u: u.cryptHomeLuks != null) config.users.users;
|
||||
userVolumeEntry = user: "<volume user=\"${user.name}\" path=\"${user.cryptHomeLuks}\" mountpoint=\"${user.home}\" />\n";
|
||||
in
|
||||
pkgs.writeText "pam_mount.conf.xml" ''
|
||||
|
@ -94,7 +94,7 @@ in
|
||||
rm -rf /var/lib/{polkit-1,PolicyKit}
|
||||
'';
|
||||
|
||||
users.extraUsers.polkituser = {
|
||||
users.users.polkituser = {
|
||||
description = "PolKit daemon";
|
||||
uid = config.ids.uids.polkituser;
|
||||
};
|
||||
|
@ -34,7 +34,7 @@ with lib;
|
||||
|
||||
services.dbus.packages = [ pkgs.rtkit ];
|
||||
|
||||
users.extraUsers = singleton
|
||||
users.users = singleton
|
||||
{ name = "rtkit";
|
||||
uid = config.ids.uids.rtkit;
|
||||
description = "RealtimeKit daemon";
|
||||
|
@ -83,8 +83,8 @@ in
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
users.extraGroups.${cfg.group} = { };
|
||||
users.extraUsers.${cfg.user} = {
|
||||
users.groups.${cfg.group} = { };
|
||||
users.users.${cfg.user} = {
|
||||
description = "Oxidized service user";
|
||||
group = cfg.group;
|
||||
home = cfg.dataDir;
|
||||
|
@ -93,13 +93,13 @@ in {
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
users.extraUsers.activemq = {
|
||||
users.users.activemq = {
|
||||
description = "ActiveMQ server user";
|
||||
group = "activemq";
|
||||
uid = config.ids.uids.activemq;
|
||||
};
|
||||
|
||||
users.extraGroups.activemq.gid = config.ids.gids.activemq;
|
||||
users.groups.activemq.gid = config.ids.gids.activemq;
|
||||
|
||||
systemd.services.activemq_init = {
|
||||
wantedBy = [ "activemq.service" ];
|
||||
|
@ -83,7 +83,7 @@ in {
|
||||
|
||||
environment.systemPackages = [ pkgs.rabbitmq_server ];
|
||||
|
||||
users.extraUsers.rabbitmq = {
|
||||
users.users.rabbitmq = {
|
||||
description = "RabbitMQ server user";
|
||||
home = "${cfg.dataDir}";
|
||||
createHome = true;
|
||||
@ -91,7 +91,7 @@ in {
|
||||
uid = config.ids.uids.rabbitmq;
|
||||
};
|
||||
|
||||
users.extraGroups.rabbitmq.gid = config.ids.gids.rabbitmq;
|
||||
users.groups.rabbitmq.gid = config.ids.gids.rabbitmq;
|
||||
|
||||
systemd.services.rabbitmq = {
|
||||
description = "RabbitMQ Server";
|
||||
|
@ -57,7 +57,7 @@ in
|
||||
|
||||
config = mkIf (builtins.length streams != 0) {
|
||||
|
||||
users.extraUsers.liquidsoap = {
|
||||
users.users.liquidsoap = {
|
||||
uid = config.ids.uids.liquidsoap;
|
||||
group = "liquidsoap";
|
||||
extraGroups = [ "audio" ];
|
||||
@ -66,7 +66,7 @@ in
|
||||
createHome = true;
|
||||
};
|
||||
|
||||
users.extraGroups.liquidsoap.gid = config.ids.gids.liquidsoap;
|
||||
users.groups.liquidsoap.gid = config.ids.gids.liquidsoap;
|
||||
|
||||
systemd.services = builtins.listToAttrs ( map streamService streams );
|
||||
};
|
||||
|
@ -93,7 +93,7 @@ in {
|
||||
};
|
||||
};
|
||||
|
||||
users.extraUsers.mopidy = {
|
||||
users.users.mopidy = {
|
||||
inherit uid;
|
||||
group = "mopidy";
|
||||
extraGroups = [ "audio" ];
|
||||
@ -101,7 +101,7 @@ in {
|
||||
home = "${cfg.dataDir}";
|
||||
};
|
||||
|
||||
users.extraGroups.mopidy.gid = gid;
|
||||
users.groups.mopidy.gid = gid;
|
||||
|
||||
};
|
||||
|
||||
|
@ -184,7 +184,7 @@ in {
|
||||
};
|
||||
};
|
||||
|
||||
users.extraUsers = optionalAttrs (cfg.user == name) (singleton {
|
||||
users.users = optionalAttrs (cfg.user == name) (singleton {
|
||||
inherit uid;
|
||||
inherit name;
|
||||
group = cfg.group;
|
||||
@ -193,7 +193,7 @@ in {
|
||||
home = "${cfg.dataDir}";
|
||||
});
|
||||
|
||||
users.extraGroups = optionalAttrs (cfg.group == name) (singleton {
|
||||
users.groups = optionalAttrs (cfg.group == name) (singleton {
|
||||
inherit name;
|
||||
gid = gid;
|
||||
});
|
||||
|
@ -54,7 +54,7 @@ in {
|
||||
};
|
||||
};
|
||||
|
||||
users.extraUsers.squeezelite= {
|
||||
users.users.squeezelite= {
|
||||
inherit uid;
|
||||
group = "nogroup";
|
||||
extraGroups = [ "audio" ];
|
||||
|
@ -397,7 +397,7 @@ in {
|
||||
|
||||
environment.systemPackages = [ pkgs.bacula ];
|
||||
|
||||
users.extraUsers.bacula = {
|
||||
users.users.bacula = {
|
||||
group = "bacula";
|
||||
uid = config.ids.uids.bacula;
|
||||
home = "${libDir}";
|
||||
@ -406,6 +406,6 @@ in {
|
||||
shell = "${pkgs.bash}/bin/bash";
|
||||
};
|
||||
|
||||
users.extraGroups.bacula.gid = config.ids.gids.bacula;
|
||||
users.groups.bacula.gid = config.ids.gids.bacula;
|
||||
};
|
||||
}
|
||||
|
@ -44,13 +44,13 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
users.extraUsers.duplicati = {
|
||||
users.users.duplicati = {
|
||||
uid = config.ids.uids.duplicati;
|
||||
home = "/var/lib/duplicati";
|
||||
createHome = true;
|
||||
group = "duplicati";
|
||||
};
|
||||
users.extraGroups.duplicati.gid = config.ids.gids.duplicati;
|
||||
users.groups.duplicati.gid = config.ids.gids.duplicati;
|
||||
|
||||
};
|
||||
}
|
||||
|
@ -84,7 +84,7 @@ in
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
users.extraUsers = optionalAttrs (cfg.user == defaultUser) (singleton
|
||||
users.users = optionalAttrs (cfg.user == defaultUser) (singleton
|
||||
{ name = defaultUser;
|
||||
isSystemUser = true;
|
||||
createHome = false;
|
||||
|
@ -95,13 +95,13 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
users.extraUsers.restic = {
|
||||
users.users.restic = {
|
||||
group = "restic";
|
||||
home = cfg.dataDir;
|
||||
createHome = true;
|
||||
uid = config.ids.uids.restic;
|
||||
};
|
||||
|
||||
users.extraGroups.restic.gid = config.ids.uids.restic;
|
||||
users.groups.restic.gid = config.ids.uids.restic;
|
||||
};
|
||||
}
|
||||
|
@ -1145,7 +1145,7 @@ in {
|
||||
];
|
||||
|
||||
environment.systemPackages = [ cfg.package ];
|
||||
users.extraUsers = singleton {
|
||||
users.users = singleton {
|
||||
name = "kubernetes";
|
||||
uid = config.ids.uids.kubernetes;
|
||||
description = "Kubernetes user";
|
||||
@ -1154,7 +1154,7 @@ in {
|
||||
home = cfg.dataDir;
|
||||
createHome = true;
|
||||
};
|
||||
users.extraGroups.kubernetes.gid = config.ids.gids.kubernetes;
|
||||
users.groups.kubernetes.gid = config.ids.gids.kubernetes;
|
||||
|
||||
# dns addon is enabled by default
|
||||
services.kubernetes.addons.dns.enable = mkDefault true;
|
||||
|
@ -191,11 +191,11 @@ in {
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
users.extraGroups = optional (cfg.group == "buildbot") {
|
||||
users.groups = optional (cfg.group == "buildbot") {
|
||||
name = "buildbot";
|
||||
};
|
||||
|
||||
users.extraUsers = optional (cfg.user == "buildbot") {
|
||||
users.users = optional (cfg.user == "buildbot") {
|
||||
name = "buildbot";
|
||||
description = "Buildbot User.";
|
||||
isNormalUser = true;
|
||||
|
@ -84,11 +84,11 @@ in {
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
users.extraGroups = optional (cfg.group == "bbworker") {
|
||||
users.groups = optional (cfg.group == "bbworker") {
|
||||
name = "bbworker";
|
||||
};
|
||||
|
||||
users.extraUsers = optional (cfg.user == "bbworker") {
|
||||
users.users = optional (cfg.user == "bbworker") {
|
||||
name = "bbworker";
|
||||
description = "Buildbot Worker User.";
|
||||
isNormalUser = true;
|
||||
|
@ -185,7 +185,7 @@ in
|
||||
};
|
||||
|
||||
config = mkIf config.services.buildkite-agent.enable {
|
||||
users.extraUsers.buildkite-agent =
|
||||
users.users.buildkite-agent =
|
||||
{ name = "buildkite-agent";
|
||||
home = cfg.dataDir;
|
||||
createHome = true;
|
||||
|
@ -134,7 +134,7 @@ in
|
||||
# Make the gitlab-runner command availabe so users can query the runner
|
||||
environment.systemPackages = [ cfg.package ];
|
||||
|
||||
users.extraUsers.gitlab-runner = {
|
||||
users.users.gitlab-runner = {
|
||||
group = "gitlab-runner";
|
||||
extraGroups = optional hasDocker "docker";
|
||||
uid = config.ids.uids.gitlab-runner;
|
||||
@ -142,6 +142,6 @@ in
|
||||
createHome = true;
|
||||
};
|
||||
|
||||
users.extraGroups.gitlab-runner.gid = config.ids.gids.gitlab-runner;
|
||||
users.groups.gitlab-runner.gid = config.ids.gids.gitlab-runner;
|
||||
};
|
||||
}
|
||||
|
@ -135,12 +135,12 @@ in {
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
users.extraGroups = optional (cfg.group == "gocd-agent") {
|
||||
users.groups = optional (cfg.group == "gocd-agent") {
|
||||
name = "gocd-agent";
|
||||
gid = config.ids.gids.gocd-agent;
|
||||
};
|
||||
|
||||
users.extraUsers = optional (cfg.user == "gocd-agent") {
|
||||
users.users = optional (cfg.user == "gocd-agent") {
|
||||
name = "gocd-agent";
|
||||
description = "gocd-agent user";
|
||||
createHome = true;
|
||||
|
@ -113,8 +113,8 @@ in {
|
||||
|
||||
extraOptions = mkOption {
|
||||
default = [ ];
|
||||
example = [
|
||||
"-X debug"
|
||||
example = [
|
||||
"-X debug"
|
||||
"-Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005"
|
||||
"-verbose:gc"
|
||||
"-Xloggc:go-server-gc.log"
|
||||
@ -143,12 +143,12 @@ in {
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
users.extraGroups = optional (cfg.group == "gocd-server") {
|
||||
users.groups = optional (cfg.group == "gocd-server") {
|
||||
name = "gocd-server";
|
||||
gid = config.ids.gids.gocd-server;
|
||||
};
|
||||
|
||||
users.extraUsers = optional (cfg.user == "gocd-server") {
|
||||
users.users = optional (cfg.user == "gocd-server") {
|
||||
name = "gocd-server";
|
||||
description = "gocd-server user";
|
||||
createHome = true;
|
||||
|
@ -194,11 +194,11 @@ in
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
users.extraGroups.hydra = {
|
||||
users.groups.hydra = {
|
||||
gid = config.ids.gids.hydra;
|
||||
};
|
||||
|
||||
users.extraUsers.hydra =
|
||||
users.users.hydra =
|
||||
{ description = "Hydra";
|
||||
group = "hydra";
|
||||
createHome = true;
|
||||
@ -207,7 +207,7 @@ in
|
||||
uid = config.ids.uids.hydra;
|
||||
};
|
||||
|
||||
users.extraUsers.hydra-queue-runner =
|
||||
users.users.hydra-queue-runner =
|
||||
{ description = "Hydra queue runner";
|
||||
group = "hydra";
|
||||
useDefaultShell = true;
|
||||
@ -215,7 +215,7 @@ in
|
||||
uid = config.ids.uids.hydra-queue-runner;
|
||||
};
|
||||
|
||||
users.extraUsers.hydra-www =
|
||||
users.users.hydra-www =
|
||||
{ description = "Hydra web server";
|
||||
group = "hydra";
|
||||
useDefaultShell = true;
|
||||
|
@ -150,12 +150,12 @@ in {
|
||||
pkgs.dejavu_fonts
|
||||
];
|
||||
|
||||
users.extraGroups = optional (cfg.group == "jenkins") {
|
||||
users.groups = optional (cfg.group == "jenkins") {
|
||||
name = "jenkins";
|
||||
gid = config.ids.gids.jenkins;
|
||||
};
|
||||
|
||||
users.extraUsers = optional (cfg.user == "jenkins") {
|
||||
users.users = optional (cfg.user == "jenkins") {
|
||||
name = "jenkins";
|
||||
description = "jenkins user";
|
||||
createHome = true;
|
||||
|
@ -50,12 +50,12 @@ in {
|
||||
};
|
||||
|
||||
config = mkIf (cfg.enable && !masterCfg.enable) {
|
||||
users.extraGroups = optional (cfg.group == "jenkins") {
|
||||
users.groups = optional (cfg.group == "jenkins") {
|
||||
name = "jenkins";
|
||||
gid = config.ids.gids.jenkins;
|
||||
};
|
||||
|
||||
users.extraUsers = optional (cfg.user == "jenkins") {
|
||||
users.users = optional (cfg.user == "jenkins") {
|
||||
name = "jenkins";
|
||||
description = "jenkins user";
|
||||
createHome = true;
|
||||
|
@ -52,7 +52,7 @@ with lib;
|
||||
message = "Must specify 4Store database name";
|
||||
};
|
||||
|
||||
users.extraUsers = singleton
|
||||
users.users = singleton
|
||||
{ name = endpointUser;
|
||||
uid = config.ids.uids.fourstorehttp;
|
||||
description = "4Store SPARQL endpoint user";
|
||||
|
@ -43,7 +43,7 @@ with lib;
|
||||
message = "Must specify 4Store database name.";
|
||||
};
|
||||
|
||||
users.extraUsers = singleton
|
||||
users.users = singleton
|
||||
{ name = fourStoreUser;
|
||||
uid = config.ids.uids.fourstore;
|
||||
description = "4Store database user";
|
||||
|
@ -420,7 +420,7 @@ in {
|
||||
9160
|
||||
];
|
||||
|
||||
users.extraUsers.cassandra =
|
||||
users.users.cassandra =
|
||||
if config.ids.uids ? "cassandra"
|
||||
then { uid = config.ids.uids.cassandra; } // cassandraUser
|
||||
else cassandraUser ;
|
||||
|
@ -27,14 +27,14 @@ with lib;
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
users.extraUsers.clickhouse = {
|
||||
users.users.clickhouse = {
|
||||
name = "clickhouse";
|
||||
uid = config.ids.uids.clickhouse;
|
||||
group = "clickhouse";
|
||||
description = "ClickHouse server user";
|
||||
};
|
||||
|
||||
users.extraGroups.clickhouse.gid = config.ids.gids.clickhouse;
|
||||
users.groups.clickhouse.gid = config.ids.gids.clickhouse;
|
||||
|
||||
systemd.services.clickhouse = {
|
||||
description = "ClickHouse server";
|
||||
|
@ -198,13 +198,13 @@ in {
|
||||
};
|
||||
};
|
||||
|
||||
users.extraUsers.couchdb = {
|
||||
users.users.couchdb = {
|
||||
description = "CouchDB Server user";
|
||||
group = "couchdb";
|
||||
uid = config.ids.uids.couchdb;
|
||||
};
|
||||
|
||||
users.extraGroups.couchdb.gid = config.ids.gids.couchdb;
|
||||
users.groups.couchdb.gid = config.ids.gids.couchdb;
|
||||
|
||||
};
|
||||
}
|
||||
|
@ -154,13 +154,13 @@ in
|
||||
# there are some additional settings which should be reviewed
|
||||
'';
|
||||
|
||||
users.extraUsers.firebird = {
|
||||
users.users.firebird = {
|
||||
description = "Firebird server user";
|
||||
group = "firebird";
|
||||
uid = config.ids.uids.firebird;
|
||||
};
|
||||
|
||||
users.extraGroups.firebird.gid = config.ids.gids.firebird;
|
||||
users.groups.firebird.gid = config.ids.gids.firebird;
|
||||
|
||||
};
|
||||
}
|
||||
|
@ -325,14 +325,14 @@ in
|
||||
|
||||
environment.systemPackages = [ pkg ];
|
||||
|
||||
users.extraUsers = optionalAttrs (cfg.user == "foundationdb") (singleton
|
||||
users.users = optionalAttrs (cfg.user == "foundationdb") (singleton
|
||||
{ name = "foundationdb";
|
||||
description = "FoundationDB User";
|
||||
uid = config.ids.uids.foundationdb;
|
||||
group = cfg.group;
|
||||
});
|
||||
|
||||
users.extraGroups = optionalAttrs (cfg.group == "foundationdb") (singleton
|
||||
users.groups = optionalAttrs (cfg.group == "foundationdb") (singleton
|
||||
{ name = "foundationdb";
|
||||
gid = config.ids.gids.foundationdb;
|
||||
});
|
||||
|
@ -122,13 +122,13 @@ in {
|
||||
};
|
||||
};
|
||||
|
||||
users.extraUsers.hbase = {
|
||||
users.users.hbase = {
|
||||
description = "HBase Server user";
|
||||
group = "hbase";
|
||||
uid = config.ids.uids.hbase;
|
||||
};
|
||||
|
||||
users.extraGroups.hbase.gid = config.ids.gids.hbase;
|
||||
users.groups.hbase.gid = config.ids.gids.hbase;
|
||||
|
||||
};
|
||||
}
|
||||
|
@ -182,13 +182,13 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
users.extraUsers = optional (cfg.user == "influxdb") {
|
||||
users.users = optional (cfg.user == "influxdb") {
|
||||
name = "influxdb";
|
||||
uid = config.ids.uids.influxdb;
|
||||
description = "Influxdb daemon user";
|
||||
};
|
||||
|
||||
users.extraGroups = optional (cfg.group == "influxdb") {
|
||||
users.groups = optional (cfg.group == "influxdb") {
|
||||
name = "influxdb";
|
||||
gid = config.ids.gids.influxdb;
|
||||
};
|
||||
|
@ -64,7 +64,7 @@ in
|
||||
|
||||
config = mkIf config.services.memcached.enable {
|
||||
|
||||
users.extraUsers = optional (cfg.user == "memcached") {
|
||||
users.users = optional (cfg.user == "memcached") {
|
||||
name = "memcached";
|
||||
description = "Memcached server user";
|
||||
};
|
||||
|
@ -93,7 +93,7 @@ in
|
||||
|
||||
config = mkIf config.services.mongodb.enable {
|
||||
|
||||
users.extraUsers.mongodb = mkIf (cfg.user == "mongodb")
|
||||
users.users.mongodb = mkIf (cfg.user == "mongodb")
|
||||
{ name = "mongodb";
|
||||
uid = config.ids.uids.mongodb;
|
||||
description = "MongoDB server user";
|
||||
|
@ -221,13 +221,13 @@ in
|
||||
mkDefault (if versionAtLeast config.system.nixos.stateVersion "17.09" then "/var/lib/mysql"
|
||||
else "/var/mysql");
|
||||
|
||||
users.extraUsers.mysql = {
|
||||
users.users.mysql = {
|
||||
description = "MySQL server user";
|
||||
group = "mysql";
|
||||
uid = config.ids.uids.mysql;
|
||||
};
|
||||
|
||||
users.extraGroups.mysql.gid = config.ids.gids.mysql;
|
||||
users.groups.mysql.gid = config.ids.gids.mysql;
|
||||
|
||||
environment.systemPackages = [mysql];
|
||||
|
||||
|
@ -139,7 +139,7 @@ in {
|
||||
|
||||
environment.systemPackages = [ cfg.package ];
|
||||
|
||||
users.extraUsers = singleton {
|
||||
users.users = singleton {
|
||||
name = "neo4j";
|
||||
uid = config.ids.uids.neo4j;
|
||||
description = "Neo4j daemon user";
|
||||
|
@ -145,13 +145,13 @@ in
|
||||
"${configOpts}";
|
||||
};
|
||||
|
||||
users.extraUsers.openldap =
|
||||
users.users.openldap =
|
||||
{ name = cfg.user;
|
||||
group = cfg.group;
|
||||
uid = config.ids.uids.openldap;
|
||||
};
|
||||
|
||||
users.extraGroups.openldap =
|
||||
users.groups.openldap =
|
||||
{ name = cfg.group;
|
||||
gid = config.ids.gids.openldap;
|
||||
};
|
||||
|
@ -97,13 +97,13 @@ in {
|
||||
};
|
||||
};
|
||||
|
||||
users.extraUsers.opentsdb = {
|
||||
users.users.opentsdb = {
|
||||
description = "OpenTSDB Server user";
|
||||
group = "opentsdb";
|
||||
uid = config.ids.uids.opentsdb;
|
||||
};
|
||||
|
||||
users.extraGroups.opentsdb.gid = config.ids.gids.opentsdb;
|
||||
users.groups.opentsdb.gid = config.ids.gids.opentsdb;
|
||||
|
||||
};
|
||||
}
|
||||
|
@ -183,14 +183,14 @@ in
|
||||
host all all ::1/128 md5
|
||||
'';
|
||||
|
||||
users.extraUsers.postgres =
|
||||
users.users.postgres =
|
||||
{ name = "postgres";
|
||||
uid = config.ids.uids.postgres;
|
||||
group = "postgres";
|
||||
description = "PostgreSQL server user";
|
||||
};
|
||||
|
||||
users.extraGroups.postgres.gid = config.ids.gids.postgres;
|
||||
users.groups.postgres.gid = config.ids.gids.postgres;
|
||||
|
||||
environment.systemPackages = [ postgresql ];
|
||||
|
||||
|
@ -217,7 +217,7 @@ in
|
||||
allowedTCPPorts = [ cfg.port ];
|
||||
};
|
||||
|
||||
users.extraUsers.redis =
|
||||
users.users.redis =
|
||||
{ name = cfg.user;
|
||||
description = "Redis database user";
|
||||
};
|
||||
|
@ -96,12 +96,12 @@ in
|
||||
'';
|
||||
};
|
||||
|
||||
users.extraUsers.rethinkdb = mkIf (cfg.user == "rethinkdb")
|
||||
users.users.rethinkdb = mkIf (cfg.user == "rethinkdb")
|
||||
{ name = "rethinkdb";
|
||||
description = "RethinkDB server user";
|
||||
};
|
||||
|
||||
users.extraGroups = optionalAttrs (cfg.group == "rethinkdb") (singleton
|
||||
users.groups = optionalAttrs (cfg.group == "rethinkdb") (singleton
|
||||
{ name = "rethinkdb";
|
||||
});
|
||||
|
||||
|
@ -145,7 +145,7 @@ in
|
||||
${cfg.extraAdvancedConfig}
|
||||
'';
|
||||
|
||||
users.extraUsers.riak-cs = {
|
||||
users.users.riak-cs = {
|
||||
name = "riak-cs";
|
||||
uid = config.ids.uids.riak-cs;
|
||||
group = "riak";
|
||||
|
@ -102,14 +102,14 @@ in
|
||||
${cfg.extraAdvancedConfig}
|
||||
'';
|
||||
|
||||
users.extraUsers.riak = {
|
||||
users.users.riak = {
|
||||
name = "riak";
|
||||
uid = config.ids.uids.riak;
|
||||
group = "riak";
|
||||
description = "Riak server user";
|
||||
};
|
||||
|
||||
users.extraGroups.riak.gid = config.ids.gids.riak;
|
||||
users.groups.riak.gid = config.ids.gids.riak;
|
||||
|
||||
systemd.services.riak = {
|
||||
description = "Riak Server";
|
||||
|
@ -143,14 +143,14 @@ in
|
||||
${cfg.extraConfig}
|
||||
'';
|
||||
|
||||
users.extraUsers.stanchion = {
|
||||
users.users.stanchion = {
|
||||
name = "stanchion";
|
||||
uid = config.ids.uids.stanchion;
|
||||
group = "stanchion";
|
||||
description = "Stanchion server user";
|
||||
};
|
||||
|
||||
users.extraGroups.stanchion.gid = config.ids.gids.stanchion;
|
||||
users.groups.stanchion.gid = config.ids.gids.stanchion;
|
||||
|
||||
systemd.services.stanchion = {
|
||||
description = "Stanchion Server";
|
||||
|
@ -54,7 +54,7 @@ with lib;
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
users.extraUsers = singleton
|
||||
users.users = singleton
|
||||
{ name = virtuosoUser;
|
||||
uid = config.ids.uids.virtuoso;
|
||||
description = "virtuoso user";
|
||||
|
@ -111,12 +111,12 @@ in {
|
||||
};
|
||||
|
||||
config = mkIf (cfg.enable) {
|
||||
users.extraUsers = optional (cfg.user == "infinoted")
|
||||
users.users = optional (cfg.user == "infinoted")
|
||||
{ name = "infinoted";
|
||||
description = "Infinoted user";
|
||||
group = cfg.group;
|
||||
};
|
||||
users.extraGroups = optional (cfg.group == "infinoted")
|
||||
users.groups = optional (cfg.group == "infinoted")
|
||||
{ name = "infinoted";
|
||||
};
|
||||
|
||||
|
@ -45,7 +45,7 @@ in
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
users.extraUsers.minecraft = {
|
||||
users.users.minecraft = {
|
||||
description = "Minecraft Server Service user";
|
||||
home = cfg.dataDir;
|
||||
createHome = true;
|
||||
|
@ -79,7 +79,7 @@ in
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
users.extraUsers.minetest = {
|
||||
users.users.minetest = {
|
||||
description = "Minetest Server Service user";
|
||||
home = "/var/lib/minetest";
|
||||
createHome = true;
|
||||
|
@ -105,14 +105,14 @@ in
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
users.extraUsers.terraria = {
|
||||
users.users.terraria = {
|
||||
description = "Terraria server service user";
|
||||
home = "/var/lib/terraria";
|
||||
createHome = true;
|
||||
uid = config.ids.uids.terraria;
|
||||
};
|
||||
|
||||
users.extraGroups.terraria = {
|
||||
users.groups.terraria = {
|
||||
gid = config.ids.gids.terraria;
|
||||
members = [ "terraria" ];
|
||||
};
|
||||
|
@ -124,7 +124,7 @@ in
|
||||
environment.sessionVariables = env;
|
||||
services.udev.packages = backends;
|
||||
|
||||
users.extraGroups."scanner".gid = config.ids.gids.scanner;
|
||||
users.groups."scanner".gid = config.ids.gids.scanner;
|
||||
})
|
||||
|
||||
(mkIf config.services.saned.enable {
|
||||
@ -152,7 +152,7 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
users.extraUsers."scanner" = {
|
||||
users.users."scanner" = {
|
||||
uid = config.ids.uids.scanner;
|
||||
group = "scanner";
|
||||
};
|
||||
|
@ -137,13 +137,13 @@ in
|
||||
serviceConfig.ExecStart = "${pkgs.trousers}/sbin/tcsd -f -c ${tcsdConf}";
|
||||
};
|
||||
|
||||
users.extraUsers = optionalAttrs (cfg.user == "tss") (singleton
|
||||
users.users = optionalAttrs (cfg.user == "tss") (singleton
|
||||
{ name = "tss";
|
||||
group = "tss";
|
||||
uid = config.ids.uids.tss;
|
||||
});
|
||||
|
||||
users.extraGroups = optionalAttrs (cfg.group == "tss") (singleton
|
||||
users.groups = optionalAttrs (cfg.group == "tss") (singleton
|
||||
{ name = "tss";
|
||||
gid = config.ids.gids.tss;
|
||||
});
|
||||
|
@ -43,13 +43,13 @@ in
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
users.extraUsers = optional (cfg.user == defaultUserGroup) {
|
||||
users.users = optional (cfg.user == defaultUserGroup) {
|
||||
name = cfg.user;
|
||||
description = "usbmuxd user";
|
||||
group = cfg.group;
|
||||
};
|
||||
|
||||
users.extraGroups = optional (cfg.group == defaultUserGroup) {
|
||||
users.groups = optional (cfg.group == defaultUserGroup) {
|
||||
name = cfg.group;
|
||||
};
|
||||
|
||||
|
@ -127,7 +127,7 @@ in
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
users.extraUsers = mkIf (cfg.user == "graylog") {
|
||||
users.users = mkIf (cfg.user == "graylog") {
|
||||
graylog = {
|
||||
uid = config.ids.uids.graylog;
|
||||
description = "Graylog server daemon user";
|
||||
|
@ -197,7 +197,7 @@ in {
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
users.extraUsers.${user} = {
|
||||
users.users.${user} = {
|
||||
isSystemUser = true;
|
||||
createHome = true;
|
||||
home = dataDir;
|
||||
|
@ -213,7 +213,7 @@ in
|
||||
mapAttrsToList writeIgnoreRule cfg.ignore
|
||||
++ mapAttrsToList writeIgnoreCronRule cfg.ignoreCron;
|
||||
|
||||
users.extraUsers = optionalAttrs (cfg.user == "logcheck") (singleton
|
||||
users.users = optionalAttrs (cfg.user == "logcheck") (singleton
|
||||
{ name = "logcheck";
|
||||
uid = config.ids.uids.logcheck;
|
||||
shell = "/bin/sh";
|
||||
|
@ -309,7 +309,7 @@ in
|
||||
++ optional cfg.enablePop3 "pop3"
|
||||
++ optional cfg.enableLmtp "lmtp";
|
||||
|
||||
users.extraUsers = [
|
||||
users.users = [
|
||||
{ name = "dovenull";
|
||||
uid = config.ids.uids.dovenull2;
|
||||
description = "Dovecot user for untrusted logins";
|
||||
@ -328,7 +328,7 @@ in
|
||||
group = cfg.mailGroup;
|
||||
});
|
||||
|
||||
users.extraGroups = optional (cfg.group == "dovecot2")
|
||||
users.groups = optional (cfg.group == "dovecot2")
|
||||
{ name = "dovecot2";
|
||||
gid = config.ids.gids.dovecot2;
|
||||
}
|
||||
|
@ -86,13 +86,13 @@ in {
|
||||
|
||||
config = mkIf cfg.enable (mkMerge [
|
||||
{
|
||||
users.extraUsers = optionalAttrs (cfg.user == "dspam") (singleton
|
||||
users.users = optionalAttrs (cfg.user == "dspam") (singleton
|
||||
{ name = "dspam";
|
||||
group = cfg.group;
|
||||
uid = config.ids.uids.dspam;
|
||||
});
|
||||
|
||||
users.extraGroups = optionalAttrs (cfg.group == "dspam") (singleton
|
||||
users.groups = optionalAttrs (cfg.group == "dspam") (singleton
|
||||
{ name = "dspam";
|
||||
gid = config.ids.gids.dspam;
|
||||
});
|
||||
|
@ -77,14 +77,14 @@ in
|
||||
systemPackages = [ exim ];
|
||||
};
|
||||
|
||||
users.extraUsers = singleton {
|
||||
users.users = singleton {
|
||||
name = cfg.user;
|
||||
description = "Exim mail transfer agent user";
|
||||
uid = config.ids.uids.exim;
|
||||
group = cfg.group;
|
||||
};
|
||||
|
||||
users.extraGroups = singleton {
|
||||
users.groups = singleton {
|
||||
name = cfg.group;
|
||||
gid = config.ids.gids.exim;
|
||||
};
|
||||
|
@ -24,7 +24,7 @@ in {
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
users.extraUsers.mailhog = {
|
||||
users.users.mailhog = {
|
||||
name = cfg.user;
|
||||
description = "MailHog service user";
|
||||
};
|
||||
|
@ -94,7 +94,7 @@ in
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
users.extraUsers = singleton {
|
||||
users.users = singleton {
|
||||
name = cfg.user;
|
||||
description = "mlmmj user";
|
||||
home = stateDir;
|
||||
@ -104,7 +104,7 @@ in
|
||||
useDefaultShell = true;
|
||||
};
|
||||
|
||||
users.extraGroups = singleton {
|
||||
users.groups = singleton {
|
||||
name = cfg.group;
|
||||
gid = config.ids.gids.mlmmj;
|
||||
};
|
||||
|
@ -201,13 +201,13 @@ with lib;
|
||||
};
|
||||
|
||||
users = {
|
||||
extraUsers = singleton {
|
||||
users = singleton {
|
||||
name = cfg.user;
|
||||
description = "Nullmailer relay-only mta user";
|
||||
group = cfg.group;
|
||||
};
|
||||
|
||||
extraGroups = singleton {
|
||||
groups = singleton {
|
||||
name = cfg.group;
|
||||
};
|
||||
};
|
||||
|
@ -88,13 +88,13 @@ in {
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
users.extraUsers = optionalAttrs (cfg.user == "opendkim") (singleton
|
||||
users.users = optionalAttrs (cfg.user == "opendkim") (singleton
|
||||
{ name = "opendkim";
|
||||
group = cfg.group;
|
||||
uid = config.ids.uids.opendkim;
|
||||
});
|
||||
|
||||
users.extraGroups = optionalAttrs (cfg.group == "opendkim") (singleton
|
||||
users.groups = optionalAttrs (cfg.group == "opendkim") (singleton
|
||||
{ name = "opendkim";
|
||||
gid = config.ids.gids.opendkim;
|
||||
});
|
||||
|
@ -83,12 +83,12 @@ in {
|
||||
###### implementation
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
users.extraGroups = {
|
||||
users.groups = {
|
||||
smtpd.gid = config.ids.gids.smtpd;
|
||||
smtpq.gid = config.ids.gids.smtpq;
|
||||
};
|
||||
|
||||
users.extraUsers = {
|
||||
users.users = {
|
||||
smtpd = {
|
||||
description = "OpenSMTPD process user";
|
||||
uid = config.ids.uids.smtpd;
|
||||
|
@ -616,14 +616,14 @@ in
|
||||
setgid = true;
|
||||
};
|
||||
|
||||
users.extraUsers = optional (user == "postfix")
|
||||
users.users = optional (user == "postfix")
|
||||
{ name = "postfix";
|
||||
description = "Postfix mail server user";
|
||||
uid = config.ids.uids.postfix;
|
||||
group = group;
|
||||
};
|
||||
|
||||
users.extraGroups =
|
||||
users.groups =
|
||||
optional (group == "postfix")
|
||||
{ name = group;
|
||||
gid = config.ids.gids.postfix;
|
||||
|
@ -136,14 +136,14 @@ in {
|
||||
environment.systemPackages = [ pkgs.postgrey ];
|
||||
|
||||
users = {
|
||||
extraUsers = {
|
||||
users = {
|
||||
postgrey = {
|
||||
description = "Postgrey Daemon";
|
||||
uid = config.ids.uids.postgrey;
|
||||
group = "postgrey";
|
||||
};
|
||||
};
|
||||
extraGroups = {
|
||||
groups = {
|
||||
postgrey = {
|
||||
gid = config.ids.gids.postgrey;
|
||||
};
|
||||
|
@ -90,13 +90,13 @@ in {
|
||||
|
||||
services.postsrsd.domain = mkDefault config.networking.hostName;
|
||||
|
||||
users.extraUsers = optionalAttrs (cfg.user == "postsrsd") (singleton
|
||||
users.users = optionalAttrs (cfg.user == "postsrsd") (singleton
|
||||
{ name = "postsrsd";
|
||||
group = cfg.group;
|
||||
uid = config.ids.uids.postsrsd;
|
||||
});
|
||||
|
||||
users.extraGroups = optionalAttrs (cfg.group == "postsrsd") (singleton
|
||||
users.groups = optionalAttrs (cfg.group == "postsrsd") (singleton
|
||||
{ name = "postsrsd";
|
||||
gid = config.ids.gids.postsrsd;
|
||||
});
|
||||
|
@ -194,14 +194,14 @@ in
|
||||
|
||||
(mkIf cfg.enable {
|
||||
|
||||
users.extraUsers = singleton {
|
||||
users.users = singleton {
|
||||
name = cfg.user;
|
||||
description = "rmilter daemon";
|
||||
uid = config.ids.uids.rmilter;
|
||||
group = cfg.group;
|
||||
};
|
||||
|
||||
users.extraGroups = singleton {
|
||||
users.groups = singleton {
|
||||
name = cfg.group;
|
||||
gid = config.ids.gids.rmilter;
|
||||
};
|
||||
@ -238,12 +238,12 @@ in
|
||||
})
|
||||
|
||||
(mkIf (cfg.enable && cfg.rspamd.enable && rspamdCfg.enable) {
|
||||
users.extraUsers.${cfg.user}.extraGroups = [ rspamdCfg.group ];
|
||||
users.users.${cfg.user}.extraGroups = [ rspamdCfg.group ];
|
||||
})
|
||||
|
||||
(mkIf (cfg.enable && cfg.postfix.enable) {
|
||||
services.postfix.extraConfig = cfg.postfix.configFragment;
|
||||
users.extraUsers.${postfixCfg.user}.extraGroups = [ cfg.group ];
|
||||
users.users.${postfixCfg.user}.extraGroups = [ cfg.group ];
|
||||
})
|
||||
];
|
||||
}
|
||||
|
@ -282,14 +282,14 @@ in
|
||||
# Allow users to run 'rspamc' and 'rspamadm'.
|
||||
environment.systemPackages = [ pkgs.rspamd ];
|
||||
|
||||
users.extraUsers = singleton {
|
||||
users.users = singleton {
|
||||
name = cfg.user;
|
||||
description = "rspamd daemon";
|
||||
uid = config.ids.uids.rspamd;
|
||||
group = cfg.group;
|
||||
};
|
||||
|
||||
users.extraGroups = singleton {
|
||||
users.groups = singleton {
|
||||
name = cfg.group;
|
||||
gid = config.ids.gids.rspamd;
|
||||
};
|
||||
|
@ -128,14 +128,14 @@ in
|
||||
systemPackages = [ pkgs.spamassassin ];
|
||||
};
|
||||
|
||||
users.extraUsers = singleton {
|
||||
users.users = singleton {
|
||||
name = "spamd";
|
||||
description = "Spam Assassin Daemon";
|
||||
uid = config.ids.uids.spamd;
|
||||
group = "spamd";
|
||||
};
|
||||
|
||||
users.extraGroups = singleton {
|
||||
users.groups = singleton {
|
||||
name = "spamd";
|
||||
gid = config.ids.gids.spamd;
|
||||
};
|
||||
|
@ -107,7 +107,7 @@ in {
|
||||
};
|
||||
};
|
||||
|
||||
users.extraUsers.airsonic = {
|
||||
users.users.airsonic = {
|
||||
description = "Airsonic service user";
|
||||
name = cfg.user;
|
||||
home = cfg.home;
|
||||
|
@ -124,7 +124,7 @@ in {
|
||||
|
||||
environment.systemPackages = [cfg.package];
|
||||
|
||||
users.extraUsers = singleton {
|
||||
users.users = singleton {
|
||||
name = "apache-kafka";
|
||||
uid = config.ids.uids.apache-kafka;
|
||||
description = "Apache Kafka daemon user";
|
||||
|
@ -168,14 +168,14 @@ in
|
||||
})
|
||||
) cfg.servers;
|
||||
|
||||
users.extraUsers = [{
|
||||
users.users = [{
|
||||
uid = config.ids.uids.bepasty;
|
||||
name = user;
|
||||
group = group;
|
||||
home = default_home;
|
||||
}];
|
||||
|
||||
users.extraGroups = [{
|
||||
users.groups = [{
|
||||
name = group;
|
||||
gid = config.ids.gids.bepasty;
|
||||
}];
|
||||
|
@ -49,12 +49,12 @@ in
|
||||
|
||||
environment.systemPackages = [ pkgs.calibre ];
|
||||
|
||||
users.extraUsers.calibre-server = {
|
||||
users.users.calibre-server = {
|
||||
uid = config.ids.uids.calibre-server;
|
||||
group = "calibre-server";
|
||||
};
|
||||
|
||||
users.extraGroups.calibre-server = {
|
||||
users.groups.calibre-server = {
|
||||
gid = config.ids.gids.calibre-server;
|
||||
};
|
||||
|
||||
|
@ -54,14 +54,14 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
users.extraUsers = {
|
||||
users.users = {
|
||||
cfdyndns = {
|
||||
group = "cfdyndns";
|
||||
uid = config.ids.uids.cfdyndns;
|
||||
};
|
||||
};
|
||||
|
||||
users.extraGroups = {
|
||||
users.groups = {
|
||||
cfdyndns = {
|
||||
gid = config.ids.gids.cfdyndns;
|
||||
};
|
||||
|
@ -110,7 +110,7 @@ in
|
||||
|
||||
config = mkIf config.services.cgminer.enable {
|
||||
|
||||
users.extraUsers = optionalAttrs (cfg.user == "cgminer") (singleton
|
||||
users.users = optionalAttrs (cfg.user == "cgminer") (singleton
|
||||
{ name = "cgminer";
|
||||
uid = config.ids.uids.cgminer;
|
||||
description = "Cgminer user";
|
||||
|
@ -34,7 +34,7 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
users.extraUsers = singleton
|
||||
users.users = singleton
|
||||
{ name = "couchpotato";
|
||||
group = "couchpotato";
|
||||
home = "/var/lib/couchpotato/";
|
||||
@ -42,7 +42,7 @@ in
|
||||
uid = config.ids.uids.couchpotato;
|
||||
};
|
||||
|
||||
users.extraGroups = singleton
|
||||
users.groups = singleton
|
||||
{ name = "couchpotato";
|
||||
gid = config.ids.gids.couchpotato;
|
||||
};
|
||||
|
@ -45,7 +45,7 @@ in
|
||||
# get the command line client on system path to make some use of the service
|
||||
environment.systemPackages = [ pkgs.dict ];
|
||||
|
||||
users.extraUsers = singleton
|
||||
users.users = singleton
|
||||
{ name = "dictd";
|
||||
group = "dictd";
|
||||
description = "DICT.org dictd server";
|
||||
@ -53,7 +53,7 @@ in
|
||||
uid = config.ids.uids.dictd;
|
||||
};
|
||||
|
||||
users.extraGroups = singleton
|
||||
users.groups = singleton
|
||||
{ name = "dictd";
|
||||
gid = config.ids.gids.dictd;
|
||||
};
|
||||
|
@ -71,7 +71,7 @@ in
|
||||
++ optional cfg.useWebServiceInterface "${pkgs.dbus_java}/share/java/dbus.jar";
|
||||
services.tomcat.webapps = optional cfg.useWebServiceInterface pkgs.DisnixWebService;
|
||||
|
||||
users.extraGroups = singleton
|
||||
users.groups = singleton
|
||||
{ name = "disnix";
|
||||
gid = config.ids.gids.disnix;
|
||||
};
|
||||
|
@ -140,7 +140,7 @@ in {
|
||||
startAt = optional cfg.enableGarbageCollect cfg.garbageCollectDates;
|
||||
};
|
||||
|
||||
users.extraUsers.docker-registry = {
|
||||
users.users.docker-registry = {
|
||||
createHome = true;
|
||||
home = cfg.storagePath;
|
||||
};
|
||||
|
@ -54,14 +54,14 @@ in
|
||||
};
|
||||
};
|
||||
|
||||
users.extraUsers = mkIf (cfg.user == "emby") {
|
||||
users.users = mkIf (cfg.user == "emby") {
|
||||
emby = {
|
||||
group = cfg.group;
|
||||
uid = config.ids.uids.emby;
|
||||
};
|
||||
};
|
||||
|
||||
users.extraGroups = mkIf (cfg.group == "emby") {
|
||||
users.groups = mkIf (cfg.group == "emby") {
|
||||
emby = {
|
||||
gid = config.ids.gids.emby;
|
||||
};
|
||||
|
@ -76,8 +76,8 @@ in {
|
||||
};
|
||||
|
||||
config = mkIf (cfg.instances != {}) {
|
||||
users.extraUsers.errbot.group = "errbot";
|
||||
users.extraGroups.errbot = {};
|
||||
users.users.errbot.group = "errbot";
|
||||
users.groups.errbot = {};
|
||||
|
||||
systemd.services = mapAttrs' (name: instanceCfg: nameValuePair "errbot-${name}" (
|
||||
let
|
||||
|
@ -188,7 +188,7 @@ in {
|
||||
|
||||
environment.systemPackages = [ pkgs.etcdctl ];
|
||||
|
||||
users.extraUsers = singleton {
|
||||
users.users = singleton {
|
||||
name = "etcd";
|
||||
uid = config.ids.uids.etcd;
|
||||
description = "Etcd daemon user";
|
||||
|
@ -408,7 +408,7 @@ in
|
||||
chmod -R u+w ${cfg.baseDir}/zookeeper/conf
|
||||
'';
|
||||
};
|
||||
users.extraUsers = singleton {
|
||||
users.users = singleton {
|
||||
name = "zookeeper";
|
||||
uid = config.ids.uids.zookeeper;
|
||||
description = "Zookeeper daemon user";
|
||||
|
@ -47,12 +47,12 @@ in
|
||||
###### implementation
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
users.extraGroups = singleton
|
||||
users.groups = singleton
|
||||
{ name = "osgi";
|
||||
gid = config.ids.gids.osgi;
|
||||
};
|
||||
|
||||
users.extraUsers = singleton
|
||||
users.users = singleton
|
||||
{ name = "osgi";
|
||||
uid = config.ids.uids.osgi;
|
||||
description = "OSGi user";
|
||||
|
@ -42,7 +42,7 @@ in {
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
users.extraUsers = singleton
|
||||
users.users = singleton
|
||||
{ name = fahUser;
|
||||
uid = config.ids.uids.foldingathome;
|
||||
description = "Folding@Home user";
|
||||
|
@ -200,7 +200,7 @@ in {
|
||||
};
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
users.extraUsers.${cfg.user} = {
|
||||
users.users.${cfg.user} = {
|
||||
description = "gammu-smsd user";
|
||||
uid = config.ids.uids.gammu-smsd;
|
||||
extraGroups = [ "${cfg.device.group}" ];
|
||||
|
@ -251,7 +251,7 @@ in
|
||||
}
|
||||
];
|
||||
|
||||
users.extraUsers.geoip = {
|
||||
users.users.geoip = {
|
||||
group = "root";
|
||||
description = "GeoIP database updater";
|
||||
uid = config.ids.uids.geoip;
|
||||
|
@ -337,7 +337,7 @@ in
|
||||
};
|
||||
|
||||
users = mkIf (cfg.user == "gitea") {
|
||||
extraUsers.gitea = {
|
||||
users.gitea = {
|
||||
description = "Gitea Service";
|
||||
home = cfg.stateDir;
|
||||
createHome = true;
|
||||
|
@ -645,15 +645,15 @@ in
|
||||
|
||||
config = mkIf cfg.enable {
|
||||
|
||||
users.extraUsers.gitit = {
|
||||
group = config.users.extraGroups.gitit.name;
|
||||
users.users.gitit = {
|
||||
group = config.users.groups.gitit.name;
|
||||
description = "Gitit user";
|
||||
home = homeDir;
|
||||
createHome = true;
|
||||
uid = config.ids.uids.gitit;
|
||||
};
|
||||
|
||||
users.extraGroups.gitit.gid = config.ids.gids.gitit;
|
||||
users.groups.gitit.gid = config.ids.gids.gitit;
|
||||
|
||||
systemd.services.gitit = let
|
||||
uid = toString config.ids.uids.gitit;
|
||||
@ -715,8 +715,8 @@ NAMED
|
||||
'';
|
||||
|
||||
serviceConfig = {
|
||||
User = config.users.extraUsers.gitit.name;
|
||||
Group = config.users.extraGroups.gitit.name;
|
||||
User = config.users.users.gitit.name;
|
||||
Group = config.users.groups.gitit.name;
|
||||
ExecStart = with cfg; gititSh haskellPackages extraPackages;
|
||||
};
|
||||
};
|
||||
|
@ -444,7 +444,7 @@ in {
|
||||
# Use postfix to send out mails.
|
||||
services.postfix.enable = mkDefault true;
|
||||
|
||||
users.extraUsers = [
|
||||
users.users = [
|
||||
{ name = cfg.user;
|
||||
group = cfg.group;
|
||||
home = "${cfg.statePath}/home";
|
||||
@ -453,7 +453,7 @@ in {
|
||||
}
|
||||
];
|
||||
|
||||
users.extraGroups = [
|
||||
users.groups = [
|
||||
{ name = cfg.group;
|
||||
gid = config.ids.gids.gitlab;
|
||||
}
|
||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user