ops/nixos: create permanent quotesdb user
Stop relying on DynamicUser because it messes a bit with postgres' auth.
This commit is contained in:
parent
3318874168
commit
8cc6e2001a
1 changed files with 7 additions and 1 deletions
|
@ -75,6 +75,12 @@ in
|
|||
}];
|
||||
};
|
||||
|
||||
users.users.quotesdb = {
|
||||
isSystemUser = true;
|
||||
group = "nginx";
|
||||
};
|
||||
users.groups.quotesdb = {};
|
||||
|
||||
systemd.services.quotesdb = {
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
after = [ "network.target" ];
|
||||
|
@ -86,7 +92,7 @@ in
|
|||
EnvironmentFile = secrets.quotesdb.environment;
|
||||
RuntimeDirectory = "quotesdb";
|
||||
ExecStart = "${pkg}/bin/quotes --workers 3 --bind unix:${sock}";
|
||||
DynamicUser = true;
|
||||
User = "quotesdb";
|
||||
Group = "nginx";
|
||||
UMask = "0007";
|
||||
};
|
||||
|
|
Loading…
Reference in a new issue