From 19782a9e6369670f1cabe9b6194f25e67bf4f27e Mon Sep 17 00:00:00 2001 From: Luke Granger-Brown Date: Thu, 16 Sep 2021 19:14:30 +0000 Subject: [PATCH] ops/nixos: set group for isSystemUser users --- ops/nixos/clouvider-fra01/default.nix | 2 +- ops/nixos/lib/common.nix | 2 ++ ops/nixos/lib/minotarproxy.nix | 6 +++++- 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/ops/nixos/clouvider-fra01/default.nix b/ops/nixos/clouvider-fra01/default.nix index f6da93739c..7e653c0b29 100644 --- a/ops/nixos/clouvider-fra01/default.nix +++ b/ops/nixos/clouvider-fra01/default.nix @@ -121,7 +121,7 @@ in { lukegb.extraGroups = [ "wheel" "content" "deluge" ]; content = { isSystemUser = true; - extraGroups = [ "content" ]; + group = "content"; }; plex.extraGroups = [ "content" ]; deluge.extraGroups = [ "content" ]; diff --git a/ops/nixos/lib/common.nix b/ops/nixos/lib/common.nix index ae5c78c1dd..6aee1ae919 100644 --- a/ops/nixos/lib/common.nix +++ b/ops/nixos/lib/common.nix @@ -118,6 +118,7 @@ in deployer = { isSystemUser = true; uid = 1001; + group = "deployer"; hashedPassword = "!"; useDefaultShell = true; home = "/var/lib/deployer"; @@ -128,6 +129,7 @@ in ]; }; }; + users.groups.deployer = {}; security.sudo.extraRules = [{ users = [ "deployer" ]; commands = [{ diff --git a/ops/nixos/lib/minotarproxy.nix b/ops/nixos/lib/minotarproxy.nix index 3903d5cb57..690ec4da7d 100644 --- a/ops/nixos/lib/minotarproxy.nix +++ b/ops/nixos/lib/minotarproxy.nix @@ -12,7 +12,11 @@ in { 80 443 ]; - users.users.minotarproxy.isSystemUser = true; + users.users.minotarproxy = { + isSystemUser = true; + group = "minotarproxy"; + }; + users.groups.minotarproxy = {}; systemd.services.minotarproxy = { description = "Minotar proxy";