summaryrefslogtreecommitdiffstats
path: root/3modules/tv
diff options
context:
space:
mode:
Diffstat (limited to '3modules/tv')
-rw-r--r--3modules/tv/consul.nix4
-rw-r--r--3modules/tv/ejabberd.nix3
-rw-r--r--3modules/tv/git.nix8
-rw-r--r--3modules/tv/github-hosts-sync.nix2
-rw-r--r--3modules/tv/retiolum.nix29
-rw-r--r--3modules/tv/urlwatch.nix24
6 files changed, 25 insertions, 45 deletions
diff --git a/3modules/tv/consul.nix b/3modules/tv/consul.nix
index 480198456..db0cd7a9e 100644
--- a/3modules/tv/consul.nix
+++ b/3modules/tv/consul.nix
@@ -88,7 +88,7 @@ let
ExecStartPre = pkgs.writeScript "consul-init" ''
#! /bin/sh
mkdir -p ${cfg.data-dir}
- chown consul: ${cfg.data-dir}
+ chown ${user.name}: ${cfg.data-dir}
install -o ${user.name} -m 0400 ${cfg.encrypt-file} /tmp/encrypt.json
'';
ExecStart = pkgs.writeScript "consul-service" ''
@@ -111,7 +111,7 @@ let
user = {
name = "consul";
- uid = 2983239726; # genid consul
+ uid = 2999951406; # genid consul
};
in
diff --git a/3modules/tv/ejabberd.nix b/3modules/tv/ejabberd.nix
index b694d05d2..2910a9a69 100644
--- a/3modules/tv/ejabberd.nix
+++ b/3modules/tv/ejabberd.nix
@@ -55,8 +55,7 @@ let
user = {
name = "ejabberd";
- uid = 405222;
- # TODO uid = 3483034447; # genid ejabberd
+ uid = 3499746127; # genid ejabberd
};
my-ejabberdctl = pkgs.writeScriptBin "ejabberdctl" ''
diff --git a/3modules/tv/git.nix b/3modules/tv/git.nix
index 8d2ab482d..8c73d0354 100644
--- a/3modules/tv/git.nix
+++ b/3modules/tv/git.nix
@@ -149,7 +149,7 @@ let
shell = "/bin/sh";
openssh.authorizedKeys.keys =
mapAttrsToList (_: makeAuthorizedKey git-ssh-command) cfg.users;
- uid = 112606723; # genid git
+ uid = 129318403; # genid git
};
};
@@ -237,13 +237,13 @@ let
fcgitwrap-user = {
name = "fcgiwrap";
- uid = 2851179180; # genid fcgiwrap
+ uid = 2867890860; # genid fcgiwrap
group = "fcgiwrap";
};
fcgitwrap-group = {
- name = "fcgiwrap";
- gid = 2851179180; # genid fcgiwrap
+ name = fcgitwrap-user.name;
+ gid = fcgitwrap-user.uid;
};
diff --git a/3modules/tv/github-hosts-sync.nix b/3modules/tv/github-hosts-sync.nix
index 3da1064a1..f50bf2b1b 100644
--- a/3modules/tv/github-hosts-sync.nix
+++ b/3modules/tv/github-hosts-sync.nix
@@ -75,7 +75,7 @@ let
user = {
name = "github-hosts-sync";
- uid = 3203842966; # genid github-hosts-sync
+ uid = 3220554646; # genid github-hosts-sync
};
Zpkgs = import ../../Zpkgs/tv { inherit pkgs; };
diff --git a/3modules/tv/retiolum.nix b/3modules/tv/retiolum.nix
index 8dc4197aa..ca1418c32 100644
--- a/3modules/tv/retiolum.nix
+++ b/3modules/tv/retiolum.nix
@@ -46,7 +46,6 @@ let
description = ''
The tinc network name.
It is used to generate long host entries,
- derive the name of the user account under which tincd runs,
and name the TUN device.
'';
};
@@ -106,20 +105,22 @@ let
# and the private key.
ExecStartPre = pkgs.writeScript "retiolum-init" ''
#! /bin/sh
- install -o ${user} -m 0400 ${cfg.privateKeyFile} /tmp/retiolum-rsa_key.priv
+ install -o ${user.name} -m 0400 ${cfg.privateKeyFile} /tmp/retiolum-rsa_key.priv
'';
- ExecStart = "${tinc}/sbin/tincd -c ${confDir} -d 0 -U ${user} -D";
+ ExecStart = "${tinc}/sbin/tincd -c ${confDir} -d 0 -U ${user.name} -D";
SyslogIdentifier = "retiolum";
};
};
- # TODO user.name = "retiolum"
users.extraUsers = singleton {
- name = user;
- uid = 2961822815; # bin/genid retiolum-tinc
+ inherit (user) name uid;
};
};
+ user = {
+ name = "retiolum";
+ uid = 301281149; # genid retiolum
+ };
tinc = cfg.tincPackage;
hostsType = builtins.typeOf cfg.hosts;
@@ -217,21 +218,5 @@ let
chmod +x $out/tinc-up
'';
-
-
- user = cfg.network + "-tinc";
-
in
out
-
-
-
-#let
-# cfg = config.tv.retiolum;
-# arg' = arg // { inherit cfg; };
-#in
-#
-#{
-# options.tv.retiolum = import ./options.nix arg';
-# config = lib.mkIf cfg.enable (import ./config.nix arg');
-#}
diff --git a/3modules/tv/urlwatch.nix b/3modules/tv/urlwatch.nix
index 05a0b0faf..a659fc74f 100644
--- a/3modules/tv/urlwatch.nix
+++ b/3modules/tv/urlwatch.nix
@@ -28,7 +28,7 @@ let
};
from = mkOption {
type = types.str;
- default = "${cfg.user}@${config.networking.hostName}.retiolum";
+ default = "${user.name}@${config.networking.hostName}.retiolum";
description = ''
Content of the From: header of the generated mails.
'';
@@ -54,11 +54,6 @@ let
https://nixos.org/channels/nixos-unstable/git-revision
];
};
- user = mkOption {
- type = types.str;
- default = "urlwatch";
- description = "User under which urlwatch runs.";
- };
};
urlsFile = toFile "urls" (concatStringsSep "\n" cfg.urls);
@@ -84,7 +79,7 @@ let
SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
};
serviceConfig = {
- User = cfg.user;
+ User = user.name;
PermissionsStartOnly = "true";
PrivateTmp = "true";
Type = "oneshot";
@@ -94,11 +89,10 @@ let
set -euf
dataDir=$HOME
- user=${escapeShellArg cfg.user}
if ! test -e "$dataDir"; then
mkdir -m 0700 -p "$dataDir"
- chown "$user": "$dataDir"
+ chown ${user.name}: "$dataDir"
fi
'';
ExecStart = pkgs.writeScript "urlwatch" ''
@@ -108,7 +102,6 @@ let
from=${escapeShellArg cfg.from}
mailto=${escapeShellArg cfg.mailto}
urlsFile=${escapeShellArg urlsFile}
- user=${escapeShellArg cfg.user}
cd /tmp
@@ -130,11 +123,14 @@ let
'';
};
};
- users.extraUsers = optionals (cfg.user == "urlwatch") (singleton {
- name = "urlwatch";
- uid = 3450919516; # bin/genid urlwatch
- });
+ users.extraUsers = singleton {
+ inherit (user) name uid;
+ };
};
+ user = {
+ name = "urlwatch";
+ uid = 3467631196; # genid urlwatch
+ };
in
out