diff options
author | Pascal Wittmann <mail@pascal-wittmann.de> | 2016-03-20 15:25:02 +0100 |
---|---|---|
committer | Pascal Wittmann <mail@pascal-wittmann.de> | 2016-03-20 15:50:14 +0100 |
commit | a491b75523e70c6355ef63e598044bc4c69e95bc (patch) | |
tree | 5c4f63628c515f8cbf0b446c924e0cab947c8b35 /nixos/modules/services/networking/radicale.nix | |
parent | 097e20ccfee0e7580fa978d2b3392cefe5aa6ac9 (diff) | |
download | nixlib-a491b75523e70c6355ef63e598044bc4c69e95bc.tar nixlib-a491b75523e70c6355ef63e598044bc4c69e95bc.tar.gz nixlib-a491b75523e70c6355ef63e598044bc4c69e95bc.tar.bz2 nixlib-a491b75523e70c6355ef63e598044bc4c69e95bc.tar.lz nixlib-a491b75523e70c6355ef63e598044bc4c69e95bc.tar.xz nixlib-a491b75523e70c6355ef63e598044bc4c69e95bc.tar.zst nixlib-a491b75523e70c6355ef63e598044bc4c69e95bc.zip |
radicale service: run with dedicated user
This is done in the context of #11908.
Diffstat (limited to 'nixos/modules/services/networking/radicale.nix')
-rw-r--r-- | nixos/modules/services/networking/radicale.nix | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/nixos/modules/services/networking/radicale.nix b/nixos/modules/services/networking/radicale.nix index 4b77ef22ac12..19762f4e570c 100644 --- a/nixos/modules/services/networking/radicale.nix +++ b/nixos/modules/services/networking/radicale.nix @@ -35,12 +35,27 @@ in config = mkIf cfg.enable { environment.systemPackages = [ pkgs.pythonPackages.radicale ]; + users.extraUsers = singleton + { name = "radicale"; + uid = config.ids.uids.radicale; + description = "radicale user"; + home = "/var/lib/radicale"; + createHome = true; + }; + + users.extraGroups = singleton + { name = "radicale"; + gid = config.ids.gids.radicale; + }; + systemd.services.radicale = { description = "A Simple Calendar and Contact Server"; after = [ "network-interfaces.target" ]; wantedBy = [ "multi-user.target" ]; script = "${pkgs.pythonPackages.radicale}/bin/radicale -C ${confFile} -d"; serviceConfig.Type = "forking"; + serviceConfig.User = "radicale"; + serviceConfig.Group = "radicale"; }; }; } |