* tv: regen ids
This commit is contained in:
parent
cf53d56a92
commit
14ac6d3bba
@ -74,7 +74,7 @@ let
|
||||
|
||||
user = {
|
||||
name = "charybdis";
|
||||
uid = 3731512864; # genid charybdis
|
||||
uid = 3748224544; # genid charybdis
|
||||
};
|
||||
|
||||
configFile = toFile "charybdis-ircd.conf" ''
|
||||
|
@ -88,7 +88,7 @@ let
|
||||
ExecStartPre = pkgs.writeScript "consul-init" ''
|
||||
#! /bin/sh
|
||||
mkdir -p ${cfg.data-dir}
|
||||
chown consul: ${cfg.data-dir}
|
||||
chown ${user.name}: ${cfg.data-dir}
|
||||
install -o ${user.name} -m 0400 ${cfg.encrypt-file} /tmp/encrypt.json
|
||||
'';
|
||||
ExecStart = pkgs.writeScript "consul-service" ''
|
||||
@ -111,7 +111,7 @@ let
|
||||
|
||||
user = {
|
||||
name = "consul";
|
||||
uid = 2983239726; # genid consul
|
||||
uid = 2999951406; # genid consul
|
||||
};
|
||||
|
||||
in
|
||||
|
@ -55,8 +55,7 @@ let
|
||||
|
||||
user = {
|
||||
name = "ejabberd";
|
||||
uid = 405222;
|
||||
# TODO uid = 3483034447; # genid ejabberd
|
||||
uid = 3499746127; # genid ejabberd
|
||||
};
|
||||
|
||||
my-ejabberdctl = pkgs.writeScriptBin "ejabberdctl" ''
|
||||
|
@ -149,7 +149,7 @@ let
|
||||
shell = "/bin/sh";
|
||||
openssh.authorizedKeys.keys =
|
||||
mapAttrsToList (_: makeAuthorizedKey git-ssh-command) cfg.users;
|
||||
uid = 112606723; # genid git
|
||||
uid = 129318403; # genid git
|
||||
};
|
||||
};
|
||||
|
||||
@ -237,13 +237,13 @@ let
|
||||
|
||||
fcgitwrap-user = {
|
||||
name = "fcgiwrap";
|
||||
uid = 2851179180; # genid fcgiwrap
|
||||
uid = 2867890860; # genid fcgiwrap
|
||||
group = "fcgiwrap";
|
||||
};
|
||||
|
||||
fcgitwrap-group = {
|
||||
name = "fcgiwrap";
|
||||
gid = 2851179180; # genid fcgiwrap
|
||||
name = fcgitwrap-user.name;
|
||||
gid = fcgitwrap-user.uid;
|
||||
};
|
||||
|
||||
|
||||
|
@ -75,7 +75,7 @@ let
|
||||
|
||||
user = {
|
||||
name = "github-hosts-sync";
|
||||
uid = 3203842966; # genid github-hosts-sync
|
||||
uid = 3220554646; # genid github-hosts-sync
|
||||
};
|
||||
|
||||
Zpkgs = import ../../Zpkgs/tv { inherit pkgs; };
|
||||
|
@ -46,7 +46,6 @@ let
|
||||
description = ''
|
||||
The tinc network name.
|
||||
It is used to generate long host entries,
|
||||
derive the name of the user account under which tincd runs,
|
||||
and name the TUN device.
|
||||
'';
|
||||
};
|
||||
@ -106,20 +105,22 @@ let
|
||||
# and the private key.
|
||||
ExecStartPre = pkgs.writeScript "retiolum-init" ''
|
||||
#! /bin/sh
|
||||
install -o ${user} -m 0400 ${cfg.privateKeyFile} /tmp/retiolum-rsa_key.priv
|
||||
install -o ${user.name} -m 0400 ${cfg.privateKeyFile} /tmp/retiolum-rsa_key.priv
|
||||
'';
|
||||
ExecStart = "${tinc}/sbin/tincd -c ${confDir} -d 0 -U ${user} -D";
|
||||
ExecStart = "${tinc}/sbin/tincd -c ${confDir} -d 0 -U ${user.name} -D";
|
||||
SyslogIdentifier = "retiolum";
|
||||
};
|
||||
};
|
||||
|
||||
# TODO user.name = "retiolum"
|
||||
users.extraUsers = singleton {
|
||||
name = user;
|
||||
uid = 2961822815; # bin/genid retiolum-tinc
|
||||
inherit (user) name uid;
|
||||
};
|
||||
};
|
||||
|
||||
user = {
|
||||
name = "retiolum";
|
||||
uid = 301281149; # genid retiolum
|
||||
};
|
||||
|
||||
tinc = cfg.tincPackage;
|
||||
hostsType = builtins.typeOf cfg.hosts;
|
||||
@ -217,21 +218,5 @@ let
|
||||
|
||||
chmod +x $out/tinc-up
|
||||
'';
|
||||
|
||||
|
||||
user = cfg.network + "-tinc";
|
||||
|
||||
in
|
||||
out
|
||||
|
||||
|
||||
|
||||
#let
|
||||
# cfg = config.tv.retiolum;
|
||||
# arg' = arg // { inherit cfg; };
|
||||
#in
|
||||
#
|
||||
#{
|
||||
# options.tv.retiolum = import ./options.nix arg';
|
||||
# config = lib.mkIf cfg.enable (import ./config.nix arg');
|
||||
#}
|
||||
|
@ -28,7 +28,7 @@ let
|
||||
};
|
||||
from = mkOption {
|
||||
type = types.str;
|
||||
default = "${cfg.user}@${config.networking.hostName}.retiolum";
|
||||
default = "${user.name}@${config.networking.hostName}.retiolum";
|
||||
description = ''
|
||||
Content of the From: header of the generated mails.
|
||||
'';
|
||||
@ -54,11 +54,6 @@ let
|
||||
https://nixos.org/channels/nixos-unstable/git-revision
|
||||
];
|
||||
};
|
||||
user = mkOption {
|
||||
type = types.str;
|
||||
default = "urlwatch";
|
||||
description = "User under which urlwatch runs.";
|
||||
};
|
||||
};
|
||||
|
||||
urlsFile = toFile "urls" (concatStringsSep "\n" cfg.urls);
|
||||
@ -84,7 +79,7 @@ let
|
||||
SSL_CERT_FILE = "${pkgs.cacert}/etc/ssl/certs/ca-bundle.crt";
|
||||
};
|
||||
serviceConfig = {
|
||||
User = cfg.user;
|
||||
User = user.name;
|
||||
PermissionsStartOnly = "true";
|
||||
PrivateTmp = "true";
|
||||
Type = "oneshot";
|
||||
@ -94,11 +89,10 @@ let
|
||||
set -euf
|
||||
|
||||
dataDir=$HOME
|
||||
user=${escapeShellArg cfg.user}
|
||||
|
||||
if ! test -e "$dataDir"; then
|
||||
mkdir -m 0700 -p "$dataDir"
|
||||
chown "$user": "$dataDir"
|
||||
chown ${user.name}: "$dataDir"
|
||||
fi
|
||||
'';
|
||||
ExecStart = pkgs.writeScript "urlwatch" ''
|
||||
@ -108,7 +102,6 @@ let
|
||||
from=${escapeShellArg cfg.from}
|
||||
mailto=${escapeShellArg cfg.mailto}
|
||||
urlsFile=${escapeShellArg urlsFile}
|
||||
user=${escapeShellArg cfg.user}
|
||||
|
||||
cd /tmp
|
||||
|
||||
@ -130,11 +123,14 @@ let
|
||||
'';
|
||||
};
|
||||
};
|
||||
users.extraUsers = optionals (cfg.user == "urlwatch") (singleton {
|
||||
name = "urlwatch";
|
||||
uid = 3450919516; # bin/genid urlwatch
|
||||
});
|
||||
users.extraUsers = singleton {
|
||||
inherit (user) name uid;
|
||||
};
|
||||
};
|
||||
|
||||
user = {
|
||||
name = "urlwatch";
|
||||
uid = 3467631196; # genid urlwatch
|
||||
};
|
||||
in
|
||||
out
|
||||
|
Loading…
Reference in New Issue
Block a user