feat: need a user, group and home to run this
This commit is contained in:
parent
87aa806397
commit
cb363e6558
1 changed files with 34 additions and 1 deletions
35
flake.nix
35
flake.nix
|
|
@ -52,6 +52,10 @@
|
||||||
LDAP_API = cfg.ldap;
|
LDAP_API = cfg.ldap;
|
||||||
DISCORD_TIMING_UPDATE = cfg.discord.timing.update;
|
DISCORD_TIMING_UPDATE = cfg.discord.timing.update;
|
||||||
DISCORD_TIMING_FETCH = cfg.discord.timing.fetch;
|
DISCORD_TIMING_FETCH = cfg.discord.timing.fetch;
|
||||||
|
|
||||||
|
# local details
|
||||||
|
HOME = cfg.home;
|
||||||
|
DATABASE = "database.db";
|
||||||
};
|
};
|
||||||
in {
|
in {
|
||||||
options.services."${package_name}" = {
|
options.services."${package_name}" = {
|
||||||
|
|
@ -106,10 +110,38 @@
|
||||||
default = "https://api.account.skynet.ie";
|
default = "https://api.account.skynet.ie";
|
||||||
description = "Location of the ldap api";
|
description = "Location of the ldap api";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
user = mkOption rec {
|
||||||
|
type = types.str;
|
||||||
|
default = "${package_name}";
|
||||||
|
description = "The user to run the service";
|
||||||
|
};
|
||||||
|
|
||||||
|
home = mkOption rec {
|
||||||
|
type = types.str;
|
||||||
|
default = "/etc/${cfg.prefix}${package_name}";
|
||||||
|
description = "The home for the user";
|
||||||
|
};
|
||||||
|
|
||||||
|
prefix = mkOption rec {
|
||||||
|
type = types.str;
|
||||||
|
default = "skynet_";
|
||||||
|
example = default;
|
||||||
|
description = "The prefix used to name service/folders";
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
config = mkIf cfg.enable {
|
config = mkIf cfg.enable {
|
||||||
|
|
||||||
|
users.groups."${cfg.user}" = { };
|
||||||
|
|
||||||
|
users.users."${cfg.user}" = {
|
||||||
|
createHome = true;
|
||||||
|
isSystemUser = true;
|
||||||
|
home = "${cfg.home}";
|
||||||
|
group = "${cfg.user}";
|
||||||
|
};
|
||||||
|
|
||||||
systemd.services = {
|
systemd.services = {
|
||||||
# main service
|
# main service
|
||||||
"${package_name}" = {
|
"${package_name}" = {
|
||||||
|
|
@ -120,7 +152,8 @@
|
||||||
environment = environment_config;
|
environment = environment_config;
|
||||||
|
|
||||||
serviceConfig = {
|
serviceConfig = {
|
||||||
DynamicUser = "yes";
|
User = "${cfg.user}";
|
||||||
|
Group = "${cfg.user}";
|
||||||
Restart = "always";
|
Restart = "always";
|
||||||
ExecStart = "${self.defaultPackage."${system}"}/bin/${package_name}";
|
ExecStart = "${self.defaultPackage."${system}"}/bin/${package_name}";
|
||||||
# can have multiple env files
|
# can have multiple env files
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue