diff options
| author | Nadrieril <nadrieril@gmail.com> | 2017-09-27 15:53:12 +0100 |
|---|---|---|
| committer | Nadrieril <nadrieril@gmail.com> | 2017-12-08 22:18:57 +0000 |
| commit | f90b3dcf05249f88063f8023cea2c9849ca4a1e6 (patch) | |
| tree | d0e1bc2c981cd389523f668e9214038935f5e41a /nixos/modules | |
| parent | d8787a8aacac7e4ee215b4f9d577e037caa06b6e (diff) | |
| download | nixlib-f90b3dcf05249f88063f8023cea2c9849ca4a1e6.tar nixlib-f90b3dcf05249f88063f8023cea2c9849ca4a1e6.tar.gz nixlib-f90b3dcf05249f88063f8023cea2c9849ca4a1e6.tar.bz2 nixlib-f90b3dcf05249f88063f8023cea2c9849ca4a1e6.tar.lz nixlib-f90b3dcf05249f88063f8023cea2c9849ca4a1e6.tar.xz nixlib-f90b3dcf05249f88063f8023cea2c9849ca4a1e6.tar.zst nixlib-f90b3dcf05249f88063f8023cea2c9849ca4a1e6.zip | |
firefox.syncserver service: No need for configurable user
Diffstat (limited to 'nixos/modules')
| -rw-r--r-- | nixos/modules/services/networking/firefox/sync-server.nix | 41 |
1 files changed, 13 insertions, 28 deletions
diff --git a/nixos/modules/services/networking/firefox/sync-server.nix b/nixos/modules/services/networking/firefox/sync-server.nix index a9f3fd65d76b..974914ebe1eb 100644 --- a/nixos/modules/services/networking/firefox/sync-server.nix +++ b/nixos/modules/services/networking/firefox/sync-server.nix @@ -70,18 +70,6 @@ in ''; }; - user = mkOption { - type = types.str; - default = "syncserver"; - description = "User account under which syncserver runs."; - }; - - group = mkOption { - type = types.str; - default = "syncserver"; - description = "Group account under which syncserver runs."; - }; - publicUrl = mkOption { type = types.str; default = "http://localhost:5000/"; @@ -138,6 +126,8 @@ in systemd.services.syncserver = let syncServerEnv = pkgs.python.withPackages(ps: with ps; [ syncserver pasteScript ]); + user = "syncserver"; + group = "syncserver"; in { after = [ "network.target" ]; description = "Firefox Sync Server"; @@ -145,8 +135,8 @@ in path = [ pkgs.coreutils syncServerEnv ]; serviceConfig = { - User = cfg.user; - Group = cfg.group; + User = user; + Group = group; PermissionsStartOnly = true; }; @@ -156,32 +146,27 @@ in echo > ${cfg.privateConfig} '[syncserver]' echo >> ${cfg.privateConfig} "secret = $(head -c 20 /dev/urandom | sha1sum | tr -d ' -')" fi - chown ${cfg.user}:${cfg.group} ${cfg.privateConfig} + chown ${user}:${group} ${cfg.privateConfig} '' + optionalString (cfg.sqlUri == defaultSqlUri) '' if ! test -e $(dirname ${defaultDbLocation}); then mkdir -m 700 -p $(dirname ${defaultDbLocation}) - chown ${cfg.user}:${cfg.group} $(dirname ${defaultDbLocation}) + chown ${user}:${group} $(dirname ${defaultDbLocation}) fi # Move previous database file if it exists oldDb="/var/db/firefox-sync-server.db" if test -f $oldDb; then mv $oldDb ${defaultDbLocation} - chown ${cfg.user}:${cfg.group} ${defaultDbLocation} + chown ${user}:${group} ${defaultDbLocation} fi ''; serviceConfig.ExecStart = "${syncServerEnv}/bin/paster serve ${syncServerIni}"; }; - users.extraUsers = optionalAttrs (cfg.user == "syncserver") - (singleton { - name = "syncserver"; - group = cfg.group; - isSystemUser = true; - }); - - users.extraGroups = optionalAttrs (cfg.group == "syncserver") - (singleton { - name = "syncserver"; - }); + users.users.syncserver = { + group = "syncserver"; + isSystemUser = true; + }; + + users.groups.syncserver = {}; }; } |