nixos/gitolite: use group 'gitolite' instead of 'nogroup'

Having files (git repositories) owned by 'nogroup' is a bad idea.

2 files changed, 11 insertions, 1 deletions

diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix
index 0f3b8bcab8b0..508a76d3cab5 100644
--- a/nixos/modules/misc/ids.nix
+++ b/nixos/modules/misc/ids.nix
@@ -426,7 +426,7 @@
       teamspeak = 124;
       influxdb = 125;
       nsd = 126;
-      #gitolite = 127; # unused
+      gitolite = 127;
       znc = 128;
       polipo = 129;
       mopidy = 130;
diff --git a/nixos/modules/services/misc/gitolite.nix b/nixos/modules/services/misc/gitolite.nix
index d803a4e0bf12..6bb8adeccf79 100644
--- a/nixos/modules/services/misc/gitolite.nix
+++ b/nixos/modules/services/misc/gitolite.nix
@@ -85,6 +85,14 @@ in
           Gitolite user account. This is the username of the gitolite endpoint.
         '';
       };
+
+      group = mkOption {
+        type = types.str;
+        default = "gitolite";
+        description = ''
+          Primary group of the Gitolite user account.
+        '';
+      };
     };
   };
 
@@ -121,8 +129,10 @@ in
       home            = cfg.dataDir;
       createHome      = true;
       uid             = config.ids.uids.gitolite;
+      group           = cfg.group;
       useDefaultShell = true;
     };
+    users.extraGroups."${cfg.group}".gid = config.ids.gids.gitolite;
 
     systemd.services."gitolite-init" = {
       description = "Gitolite initialization";