diff options
author | yvt <i@yvt.jp> | 2019-10-03 01:30:41 +0900 |
---|---|---|
committer | yvt <i@yvt.jp> | 2019-10-03 01:30:41 +0900 |
commit | e3c1ecf11155902c59909bc3862536f474d00b1e (patch) | |
tree | b9c17c0bd69408a82ebafda1f553f828afbcb24e /nixos | |
parent | b1acc7dc8b4ce7e80dc48c9cb1c5522de982d1e2 (diff) | |
download | nixlib-e3c1ecf11155902c59909bc3862536f474d00b1e.tar nixlib-e3c1ecf11155902c59909bc3862536f474d00b1e.tar.gz nixlib-e3c1ecf11155902c59909bc3862536f474d00b1e.tar.bz2 nixlib-e3c1ecf11155902c59909bc3862536f474d00b1e.tar.lz nixlib-e3c1ecf11155902c59909bc3862536f474d00b1e.tar.xz nixlib-e3c1ecf11155902c59909bc3862536f474d00b1e.tar.zst nixlib-e3c1ecf11155902c59909bc3862536f474d00b1e.zip |
nixos/do-agent: Use DynamicUser
Diffstat (limited to 'nixos')
-rw-r--r-- | nixos/modules/services/monitoring/do-agent.nix | 22 |
1 files changed, 1 insertions, 21 deletions
diff --git a/nixos/modules/services/monitoring/do-agent.nix b/nixos/modules/services/monitoring/do-agent.nix index a03c33303481..a9471994e327 100644 --- a/nixos/modules/services/monitoring/do-agent.nix +++ b/nixos/modules/services/monitoring/do-agent.nix @@ -8,18 +8,6 @@ in { options.services.do-agent = { enable = mkEnableOption "do-agent, the DigitalOcean droplet metrics agent"; - - user = mkOption { - type = types.str; - default = "do-agent"; - description = "User account under which do-agent runs."; - }; - - group = mkOption { - type = types.str; - default = "do-agent"; - description = "Group account under which do-agent runs."; - }; }; config = mkIf cfg.enable { @@ -38,16 +26,8 @@ in ProtectSystem = "full"; ProtectHome = "yes"; NoNewPrivileges = "yes"; + DynamicUser = "yes"; }; }; - - users.users = optionalAttrs (cfg.user == "do-agent") (singleton - { name = "do-agent"; - group = cfg.group; - }); - - users.groups = optionalAttrs (cfg.group == "do-agent") (singleton - { name = "do-agent"; - }); }; } |