From 440556a77ce2885cc823c97064ba4b209d33b3ce Mon Sep 17 00:00:00 2001
From: Peter Hoeg <peter@hoeg.com>
Date: Thu, 29 Mar 2018 16:59:00 +0800
Subject: nixos squeezelite: run using DynamicUser

---
 nixos/modules/misc/ids.nix                   |  2 +-
 nixos/modules/services/audio/squeezelite.nix | 28 +++++-----------------------
 2 files changed, 6 insertions(+), 24 deletions(-)

(limited to 'nixos')

diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix
index 0b4ed6d3b628..bc844737b5b0 100644
--- a/nixos/modules/misc/ids.nix
+++ b/nixos/modules/misc/ids.nix
@@ -272,7 +272,7 @@
       nzbget = 245;
       mosquitto = 246;
       toxvpn = 247;
-      squeezelite = 248;
+      # squeezelite = 248; # DynamicUser = true
       turnserver = 249;
       smokeping = 250;
       gocd-agent = 251;
diff --git a/nixos/modules/services/audio/squeezelite.nix b/nixos/modules/services/audio/squeezelite.nix
index 57ae38559939..ab2de179cfc3 100644
--- a/nixos/modules/services/audio/squeezelite.nix
+++ b/nixos/modules/services/audio/squeezelite.nix
@@ -3,9 +3,7 @@
 with lib;
 
 let
-
-  uid = config.ids.uids.squeezelite;
-  cfg = config.services.squeezelite;
+  dataDir = "/var/lib/squeezelite";
 
 in {
 
@@ -17,14 +15,6 @@ in {
 
       enable = mkEnableOption "Squeezelite, a software Squeezebox emulator";
 
-      dataDir = mkOption {
-        default = "/var/lib/squeezelite";
-        type = types.str;
-        description = ''
-          The directory where Squeezelite stores its name file.
-        '';
-      };
-
       extraArguments = mkOption {
         default = "";
         type = types.str;
@@ -46,22 +36,14 @@ in {
       wantedBy = [ "multi-user.target" ];
       after = [ "network.target" "sound.target" ];
       description = "Software Squeezebox emulator";
-      preStart = "mkdir -p ${cfg.dataDir} && chown -R squeezelite ${cfg.dataDir}";
       serviceConfig = {
-        ExecStart = "${pkgs.squeezelite}/bin/squeezelite -N ${cfg.dataDir}/player-name ${cfg.extraArguments}";
-        User = "squeezelite";
-        PermissionsStartOnly = true;
+        DynamicUser = true;
+        ExecStart = "${pkgs.squeezelite}/bin/squeezelite -N ${dataDir}/player-name ${cfg.extraArguments}";
+        StateDirectory = builtins.baseNameOf dataDir;
+        SupplementaryGroups = "audio";
       };
     };
 
-    users.users.squeezelite= {
-      inherit uid;
-      group = "nogroup";
-      extraGroups = [ "audio" ];
-      description = "Squeezelite user";
-      home = "${cfg.dataDir}";
-    };
-
   };
 
 }
-- 
cgit 1.4.1