fuuko/go-neb: Use persistent system user

Using a dynamic user is unreliable as the pre-start script often starts
before the user and group are created.
This commit is contained in:
Simon Bruder 2022-01-14 17:16:27 +01:00
parent cc9fbf8d37
commit ac22d1bc39
Signed by: simon
GPG key ID: 8D3C82F9F309F8EC

View file

@ -7,6 +7,12 @@ in
go-neb-overrides.sopsFile = ../../secrets.yaml; go-neb-overrides.sopsFile = ../../secrets.yaml;
}; };
users.users.go-neb = {
isSystemUser = true;
group = "go-neb";
};
users.groups.go-neb = { };
services.go-neb = rec { services.go-neb = rec {
enable = true; enable = true;
bindAddress = "127.0.0.1:8010"; bindAddress = "127.0.0.1:8010";
@ -64,6 +70,7 @@ in
serviceConfig = { serviceConfig = {
RuntimeDirectory = "go-neb"; RuntimeDirectory = "go-neb";
RuntimeDirectoryMode = "0750"; RuntimeDirectoryMode = "0750";
DynamicUser = lib.mkForce false;
ExecStartPre = ExecStartPre =
let let
baseConfig = pkgs.writeText "config-base.json" (builtins.toJSON config.services.go-neb.config); baseConfig = pkgs.writeText "config-base.json" (builtins.toJSON config.services.go-neb.config);