From ac22d1bc39de194276997b1ac21aa08c900d33b9 Mon Sep 17 00:00:00 2001 From: Simon Bruder Date: Fri, 14 Jan 2022 17:16:27 +0100 Subject: [PATCH] fuuko/go-neb: Use persistent system user Using a dynamic user is unreliable as the pre-start script often starts before the user and group are created. --- machines/fuuko/services/matrix/go-neb.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/machines/fuuko/services/matrix/go-neb.nix b/machines/fuuko/services/matrix/go-neb.nix index cd06a1d..bf2220d 100644 --- a/machines/fuuko/services/matrix/go-neb.nix +++ b/machines/fuuko/services/matrix/go-neb.nix @@ -7,6 +7,12 @@ in go-neb-overrides.sopsFile = ../../secrets.yaml; }; + users.users.go-neb = { + isSystemUser = true; + group = "go-neb"; + }; + users.groups.go-neb = { }; + services.go-neb = rec { enable = true; bindAddress = "127.0.0.1:8010"; @@ -64,6 +70,7 @@ in serviceConfig = { RuntimeDirectory = "go-neb"; RuntimeDirectoryMode = "0750"; + DynamicUser = lib.mkForce false; ExecStartPre = let baseConfig = pkgs.writeText "config-base.json" (builtins.toJSON config.services.go-neb.config);