From cb363e6558871b564be2d647b644e2c04ab7939c Mon Sep 17 00:00:00 2001
From: Brendan Golden
Date: Sun, 10 Sep 2023 22:38:19 +0100
Subject: [PATCH] feat: need a user, group and home to run this
---
 flake.nix | 35 ++++++++++++++++++++++++++++++++++-
 1 file changed, 34 insertions(+), 1 deletion(-)
diff --git a/flake.nix b/flake.nix
index 49c896c..94270a6 100644
--- a/flake.nix
+++ b/flake.nix
@@ -52,6 +52,10 @@
 LDAP_API = cfg.ldap;
 DISCORD_TIMING_UPDATE = cfg.discord.timing.update;
 DISCORD_TIMING_FETCH = cfg.discord.timing.fetch;
+
+ # local details
+ HOME = cfg.home;
+ DATABASE = "database.db";
 };
 in {
 options.services."${package_name}" = {
@@ -106,9 +110,37 @@
 default = "https://api.account.skynet.ie";
 description = "Location of the ldap api";
 };
+
+ user = mkOption rec {
+ type = types.str;
+ default = "${package_name}";
+ description = "The user to run the service";
+ };
+
+ home = mkOption rec {
+ type = types.str;
+ default = "/etc/${cfg.prefix}${package_name}";
+ description = "The home for the user";
+ };
+
+ prefix = mkOption rec {
+ type = types.str;
+ default = "skynet_";
+ example = default;
+ description = "The prefix used to name service/folders";
+ };
 };
 config = mkIf cfg.enable {
+
+ users.groups."${cfg.user}" = { };
+
+ users.users."${cfg.user}" = {
+ createHome = true;
+ isSystemUser = true;
+ home = "${cfg.home}";
+ group = "${cfg.user}";
+ };
 systemd.services = {
 # main service
@@ -120,7 +152,8 @@
 environment = environment_config;
 serviceConfig = {
- DynamicUser = "yes";
+ User = "${cfg.user}";
+ Group = "${cfg.user}";
 Restart = "always";
 ExecStart = "${self.defaultPackage."${system}"}/bin/${package_name}";
 # can have multiple env files
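Review bot: `DATABASE = "database.db"` in the environment block is a relative path, and nothing visible in this patch sets `WorkingDirectory`. Unless the program itself joins it with `HOME`, the file resolves against systemd's default working directory for system services (`/`), not the new home. If that join is not done in the program, `DATABASE = "${cfg.home}/database.db";` makes the location explicit and keeps the database inside the directory owned by the service user. The enclosing attribute set starts outside the hunk.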
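Review bot: The `home` default of `/etc/${cfg.prefix}${package_name}` puts the service's writable state under `/etc`, which is configuration space and is mounted read-only for the unit by systemd sandboxing such as `ProtectSystem=`. A state location like `default = "/var/lib/${cfg.prefix}${package_name}";` is the conventional place for a service-owned database and is easier to back up and to restrict. On style, only `prefix` needs `rec` (for `example = default`), so `user` and `home` can be plain `mkOption { … }`. Because the `home` default interpolates `cfg.prefix`, it probably also wants a `defaultText` if option documentation is ever generated.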
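Review bot: Replacing `DynamicUser = "yes"` with a static `User`/`Group` in `serviceConfig` silently drops the sandboxing that DynamicUser implies (`ProtectSystem=strict`, `ProtectHome=read-only`, `PrivateTmp`, `RemoveIPC`, `NoNewPrivileges`). The bot, which talks to Discord and the LDAP API, then runs with a fully writable view of the filesystem, limited only by file permissions. Those settings should be restated explicitly, with the home directory as the one writable path, as sketched below. Alternatively, keeping `DynamicUser` and adding `StateDirectory=` would give persistent state without a static account. `serviceConfig` continues outside the hunk.

```nix
serviceConfig = {
  User = "${cfg.user}";
  Group = "${cfg.user}";
  # restate the sandboxing that DynamicUser=yes used to imply
  NoNewPrivileges = true;
  PrivateTmp = true;
  RemoveIPC = true;
  ProtectSystem = "strict";
  ProtectHome = "read-only";
  # the only path the service needs to write to
  ReadWritePaths = [ cfg.home ];
  # … unchanged: Restart, ExecStart, env files …
```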