diff options
Diffstat (limited to '3modules/tv')
-rw-r--r-- | 3modules/tv/consul.nix | 4 | ||||
-rw-r--r-- | 3modules/tv/ejabberd.nix | 3 | ||||
-rw-r--r-- | 3modules/tv/git.nix | 8 | ||||
-rw-r--r-- | 3modules/tv/github-hosts-sync.nix | 2 | ||||
-rw-r--r-- | 3modules/tv/retiolum.nix | 29 | ||||
-rw-r--r-- | 3modules/tv/urlwatch.nix | 24 |
6 files changed, 25 insertions, 45 deletions
diff --git a/3modules/tv/consul.nix b/3modules/tv/consul.nix index 480198456..db0cd7a9e 100644 --- a/3modules/tv/consul.nix +++ b/3modules/tv/consul.nix @@ -88,7 +88,7 @@ let ExecStartPre = pkgs.writeScript "consul-init" '' #! /bin/sh mkdir -p ${cfg.data-dir} - chown consul: ${cfg.data-dir} + chown ${user.name}: ${cfg.data-dir} install -o ${user.name} -m 0400 ${cfg.encrypt-file} /tmp/encrypt.json ''; ExecStart = pkgs.writeScript "consul-service" '' @@ -111,7 +111,7 @@ let user = { name = "consul"; - uid = 2983239726; # genid consul + uid = 2999951406; # genid consul }; in diff --git a/3modules/tv/ejabberd.nix b/3modules/tv/ejabberd.nix index b694d05d2..2910a9a69 100644 --- a/3modules/tv/ejabberd.nix +++ b/3modules/tv/ejabberd.nix @@ -55,8 +55,7 @@ let user = { name = "ejabberd"; - uid = 405222; - # TODO uid = 3483034447; # genid ejabberd + uid = 3499746127; # genid ejabberd }; my-ejabberdctl = pkgs.writeScriptBin "ejabberdctl" '' diff --git a/3modules/tv/git.nix b/3modules/tv/git.nix index 8d2ab482d..8c73d0354 100644 --- a/3modules/tv/git.nix +++ b/3modules/tv/git.nix @@ -149,7 +149,7 @@ let shell = "/bin/sh"; openssh.authorizedKeys.keys = mapAttrsToList (_: makeAuthorizedKey git-ssh-command) cfg.users; - uid = 112606723; # genid git + uid = 129318403; # genid git }; }; @@ -237,13 +237,13 @@ let fcgitwrap-user = { name = "fcgiwrap"; - uid = 2851179180; # genid fcgiwrap + uid = 2867890860; # genid fcgiwrap group = "fcgiwrap"; }; fcgitwrap-group = { - name = "fcgiwrap"; - gid = 2851179180; # genid fcgiwrap + name = fcgitwrap-user.name; + gid = fcgitwrap-user.uid; }; diff --git a/3modules/tv/github-hosts-sync.nix b/3modules/tv/github-hosts-sync.nix index 3da1064a1..f50bf2b1b 100644 --- a/3modules/tv/github-hosts-sync.nix +++ b/3modules/tv/github-hosts-sync.nix @@ -75,7 +75,7 @@ let user = { name = "github-hosts-sync"; - uid = 3203842966; # genid github-hosts-sync + uid = 3220554646; # genid github-hosts-sync }; Zpkgs = import ../../Zpkgs/tv { inherit pkgs; }; diff --git a/3modules/tv/retiolum.nix b/3modules/tv/retiolum.nix index 8dc4197aa..ca1418c32 100644 --- a/3modules/tv/retiolum.nix +++ b/3modules/tv/retiolum.nix @@ -46,7 +46,6 @@ let description = '' The tinc network name. It is used to generate long host entries, - derive the name of the user account under which tincd runs, and name the TUN device. ''; }; @@ -106,20 +105,22 @@ let # and the private key. ExecStartPre = pkgs.writeScript "retiolum-init" '' #! /bin/sh - install -o ${user} -m 0400 ${cfg.privateKeyFile} /tmp/retiolum-rsa_key.priv + install -o ${user.name} -m 0400 ${cfg.privateKeyFile} /tmp/retiolum-rsa_key.priv ''; - ExecStart = "${tinc}/sbin/tincd -c ${confDir} -d 0 -U ${user} -D"; + ExecStart = "${tinc}/sbin/tincd -c ${confDir} -d 0 -U ${user.name} -D"; SyslogIdentifier = "retiolum"; }; }; - # TODO user.name = "retiolum" users.extraUsers = singleton { - name = user; - uid = 2961822815; # bin/genid retiolum-tinc + inherit (user) name uid; }; }; + user = { + name = "retiolum"; + uid = 301281149; # genid retiolum + }; tinc = cfg.tincPackage; hostsType = builtins.typeOf cfg.hosts; @@ -217,21 +218,5 @@ let chmod +x $out/tinc-up ''; - - - user = cfg.network + "-tinc"; - in out - - - -#let -# cfg = config.tv.retiolum; -# arg' = arg // { inherit cfg; }; -#in -# -#{ -# options.tv.retiolum = import ./options.nix arg'; -# config = lib.mkIf cfg.enable (import ./config.nix arg'); -#} diff --git a/3modules/tv/urlwatch.nix b/3modules/tv/urlwatch.nix index 05a0b0faf..a659fc74f 100644 --- a/3modules/tv/urlwatch.nix +++ b/3modules/tv/urlwatch.nix @@ -28,7 +28,7 @@ let }; from = mkOption { type = types.str; - default = "${cfg.user}@${config.networking.hostName}.retiolum"; + default = "${user.name}@${config.networking.hostName}.retiolum"; description = '' Content of the From: header of the generated mails. ''; @@ -54,11 +54,6 @@ let https://nixos.org/channels/nixos-unstable/git-revision ]; }; - user = mkOption { - type = types.str; - default = "urlwatch"; - description = "User under which urlwatch runs."; - }; }; urlsFile = toFile "urls" (concatStringsSep "\n" cfg.urls); @@ -84,7 +79,7 @@ let SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt"; }; serviceConfig = { - User = cfg.user; + User = user.name; PermissionsStartOnly = "true"; PrivateTmp = "true"; Type = "oneshot"; @@ -94,11 +89,10 @@ let set -euf dataDir=$HOME - user=${escapeShellArg cfg.user} if ! test -e "$dataDir"; then mkdir -m 0700 -p "$dataDir" - chown "$user": "$dataDir" + chown ${user.name}: "$dataDir" fi ''; ExecStart = pkgs.writeScript "urlwatch" '' @@ -108,7 +102,6 @@ let from=${escapeShellArg cfg.from} mailto=${escapeShellArg cfg.mailto} urlsFile=${escapeShellArg urlsFile} - user=${escapeShellArg cfg.user} cd /tmp @@ -130,11 +123,14 @@ let ''; }; }; - users.extraUsers = optionals (cfg.user == "urlwatch") (singleton { - name = "urlwatch"; - uid = 3450919516; # bin/genid urlwatch - }); + users.extraUsers = singleton { + inherit (user) name uid; + }; }; + user = { + name = "urlwatch"; + uid = 3467631196; # genid urlwatch + }; in out |