From 8b7f4fa8a64b141cd103689789909a30a7b972d1 Mon Sep 17 00:00:00 2001
From: Jörg Thalheim <joerg@thalheim.io>
Date: Fri, 28 Feb 2020 14:31:18 +0000
Subject: nixos/buildkite-agents: don't run as nogroup

---
 nixos/modules/services/continuous-integration/buildkite-agents.nix | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'nixos/modules')

diff --git a/nixos/modules/services/continuous-integration/buildkite-agents.nix b/nixos/modules/services/continuous-integration/buildkite-agents.nix
index c17d89c387a1..b0045409ae60 100644
--- a/nixos/modules/services/continuous-integration/buildkite-agents.nix
+++ b/nixos/modules/services/continuous-integration/buildkite-agents.nix
@@ -208,8 +208,12 @@ in
       description = "Buildkite agent user";
       extraGroups = [ "keys" ];
       isSystemUser = true;
+      group = "buildkite-agent-${name}";
     };
   });
+  config.users.groups = mapAgents (name: cfg: {
+    "buildkite-agent-${name}" = {};
+  });
 
   config.systemd.services = mapAgents (name: cfg: {
     "buildkite-agent-${name}" =
-- 
cgit 1.4.1