From 280ed594fb4d4256a3f7a9a0b903c3e251234735 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 1 Dec 2021 17:55:22 +0100 Subject: htgen: generate group for every user --- krebs/3modules/htgen.nix | 3 +++ 1 file changed, 3 insertions(+) (limited to 'krebs/3modules') diff --git a/krebs/3modules/htgen.nix b/krebs/3modules/htgen.nix index 517dad76f..4221703ec 100644 --- a/krebs/3modules/htgen.nix +++ b/krebs/3modules/htgen.nix @@ -69,10 +69,13 @@ let users.users = mapAttrs' (name: htgen: nameValuePair htgen.user.name { inherit (htgen.user) home name uid; + group = htgen.user.name; createHome = true; isSystemUser = true; } ) cfg; + users.groups = mapAttrs (_: _: {}) cfg; + }; in out -- cgit v1.2.3 From c5ade4fdd6c414c6726e1ac152a1c80327b5e796 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 1 Dec 2021 18:27:04 +0100 Subject: realwallpaper: add group --- krebs/3modules/realwallpaper.nix | 3 +++ 1 file changed, 3 insertions(+) (limited to 'krebs/3modules') diff --git a/krebs/3modules/realwallpaper.nix b/krebs/3modules/realwallpaper.nix index 1fa6012cf..167afed2c 100644 --- a/krebs/3modules/realwallpaper.nix +++ b/krebs/3modules/realwallpaper.nix @@ -59,10 +59,13 @@ let users.extraUsers.realwallpaper = { uid = genid "realwallpaper"; + group = "realwallpaper"; home = cfg.workingDir; createHome = true; isSystemUser = true; }; + + users.groups.realwallpaper = {}; }; in -- cgit v1.2.3 From cd367626d4cb434e89ebfce0f4c13a11108043db Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 1 Dec 2021 18:28:26 +0100 Subject: tinc_graphs: add groups --- krebs/3modules/tinc_graphs.nix | 3 +++ 1 file changed, 3 insertions(+) (limited to 'krebs/3modules') diff --git a/krebs/3modules/tinc_graphs.nix b/krebs/3modules/tinc_graphs.nix index 7a414e6e3..733db69ca 100644 --- a/krebs/3modules/tinc_graphs.nix +++ b/krebs/3modules/tinc_graphs.nix @@ -128,9 +128,12 @@ let users.extraUsers.tinc_graphs = { uid = genid_uint31 "tinc_graphs"; + group = "tinc_graphs"; home = "/var/spool/tinc_graphs"; isSystemUser = true; }; + users.groups.tinc_graphs = {}; + services.nginx = mkIf cfg.nginx.enable { enable = mkDefault true; virtualHosts = { -- cgit v1.2.3 From 5d6bbe679742f6e975b48512c81e6d9c2dab9043 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 1 Dec 2021 18:29:24 +0100 Subject: brockman: add group --- krebs/3modules/brockman.nix | 2 ++ 1 file changed, 2 insertions(+) (limited to 'krebs/3modules') diff --git a/krebs/3modules/brockman.nix b/krebs/3modules/brockman.nix index 7a78880ea..8427ca50b 100644 --- a/krebs/3modules/brockman.nix +++ b/krebs/3modules/brockman.nix @@ -11,10 +11,12 @@ in { config = mkIf cfg.enable { users.extraUsers.brockman = { home = "/var/lib/brockman"; + group = "brockman"; createHome = true; isSystemUser = true; uid = genid_uint31 "brockman"; }; + users.groups.brockman = {}; systemd.services.brockman = { description = "RSS to IRC broadcaster"; -- cgit v1.2.3 From bb709ce412115424db63b9ec2622989070c93d46 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 1 Dec 2021 18:30:57 +0100 Subject: buildbot: add groups to users --- krebs/3modules/buildbot/master.nix | 1 + krebs/3modules/buildbot/slave.nix | 1 + 2 files changed, 2 insertions(+) (limited to 'krebs/3modules') diff --git a/krebs/3modules/buildbot/master.nix b/krebs/3modules/buildbot/master.nix index e55bd95ea..c30f31e31 100644 --- a/krebs/3modules/buildbot/master.nix +++ b/krebs/3modules/buildbot/master.nix @@ -319,6 +319,7 @@ let users.extraUsers.buildbotMaster = { uid = genid "buildbotMaster"; + group = "buildbotMaster"; description = "Buildbot Master"; home = cfg.workDir; createHome = false; diff --git a/krebs/3modules/buildbot/slave.nix b/krebs/3modules/buildbot/slave.nix index d877b9911..f97b50def 100644 --- a/krebs/3modules/buildbot/slave.nix +++ b/krebs/3modules/buildbot/slave.nix @@ -128,6 +128,7 @@ let users.extraUsers.buildbotSlave = { uid = genid "buildbotSlave"; + group = "buildbotSlave"; description = "Buildbot Slave"; home = cfg.workDir; createHome = false; -- cgit v1.2.3 From 9f6c37f21c49fb26d214765cbecef0d9e5abca40 Mon Sep 17 00:00:00 2001 From: lassulus Date: Wed, 1 Dec 2021 18:31:53 +0100 Subject: github-host-sync: add group --- krebs/3modules/github-hosts-sync.nix | 3 +++ 1 file changed, 3 insertions(+) (limited to 'krebs/3modules') diff --git a/krebs/3modules/github-hosts-sync.nix b/krebs/3modules/github-hosts-sync.nix index 9421576df..71eed6c69 100644 --- a/krebs/3modules/github-hosts-sync.nix +++ b/krebs/3modules/github-hosts-sync.nix @@ -66,11 +66,14 @@ let users.users.${user.name} = { inherit (user) uid; + group = user.name; home = cfg.dataDir; isSystemUser = true; }; }; + users.groups.${user.name} = {}; + user = rec { mail = "${name}@${config.krebs.build.host.name}"; name = "github-hosts-sync"; -- cgit v1.2.3