Add several missing uids and gids to modules/misc/ids.nix
This commit is contained in:
parent
bfc75e73ae
commit
f420726936
@ -82,6 +82,18 @@ in
|
||||
iodined = 66;
|
||||
graphite = 68;
|
||||
statsd = 69;
|
||||
transmission = 70;
|
||||
postgres = 71;
|
||||
smbguest = 74;
|
||||
varnish = 75;
|
||||
dd-agent = 76;
|
||||
lighttpd = 77;
|
||||
lightdm = 78;
|
||||
freenet = 79;
|
||||
ircd = 80;
|
||||
bacula = 81;
|
||||
almir = 82;
|
||||
deluge = 83;
|
||||
|
||||
# When adding a uid, make sure it doesn't match an existing gid.
|
||||
|
||||
@ -147,6 +159,20 @@ in
|
||||
iodined = 66;
|
||||
libvirtd = 67;
|
||||
graphite = 68;
|
||||
transmission = 70;
|
||||
postgres = 71;
|
||||
vboxusers = 72;
|
||||
vboxsf = 73;
|
||||
smbguest = 74;
|
||||
varnish = 75;
|
||||
dd-agent = 76;
|
||||
lighttpd = 77;
|
||||
lightdm = 78;
|
||||
freenet = 79;
|
||||
ircd = 80;
|
||||
bacula = 81;
|
||||
almir = 82;
|
||||
deluge = 83;
|
||||
|
||||
# When adding a gid, make sure it doesn't match an existing uid.
|
||||
|
||||
|
@ -9,7 +9,7 @@ let virtualbox = config.boot.kernelPackages.virtualbox; in
|
||||
boot.extraModulePackages = [ virtualbox ];
|
||||
environment.systemPackages = [ virtualbox ];
|
||||
|
||||
users.extraGroups = singleton { name = "vboxusers"; };
|
||||
users.extraGroups.vboxusers.gid = config.ids.gids.vboxusers;
|
||||
|
||||
services.udev.extraRules =
|
||||
''
|
||||
|
@ -161,10 +161,11 @@ in {
|
||||
|
||||
users.extraUsers.almir = {
|
||||
group = "almir";
|
||||
uid = config.ids.uids.almir;
|
||||
createHome = true;
|
||||
shell = "${pkgs.bash}/bin/bash";
|
||||
};
|
||||
|
||||
users.extraGroups.almir = {};
|
||||
users.extraGroups.almir.gid = config.ids.gids.almir;
|
||||
};
|
||||
}
|
||||
|
@ -396,12 +396,13 @@ in {
|
||||
|
||||
users.extraUsers.bacula = {
|
||||
group = "bacula";
|
||||
uid = config.ids.uids.bacula;
|
||||
home = "${libDir}";
|
||||
createHome = true;
|
||||
description = "Bacula Daemons user";
|
||||
shell = "${pkgs.bash}/bin/bash";
|
||||
};
|
||||
|
||||
users.extraGroups.bacula = {};
|
||||
users.extraGroups.bacula.gid = config.ids.gids.bacula;
|
||||
};
|
||||
}
|
||||
|
@ -154,13 +154,14 @@ in
|
||||
host all all ::1/128 md5
|
||||
'';
|
||||
|
||||
users.extraUsers = singleton
|
||||
users.extraUsers.postgres =
|
||||
{ name = "postgres";
|
||||
uid = config.ids.uids.postgres;
|
||||
group = "postgres";
|
||||
description = "PostgreSQL server user";
|
||||
};
|
||||
|
||||
users.extraGroups = singleton
|
||||
{ name = "postgres"; };
|
||||
users.extraGroups.postgres.gid = config.ids.gids.postgres;
|
||||
|
||||
environment.systemPackages = [postgresql];
|
||||
|
||||
|
@ -46,12 +46,13 @@ in {
|
||||
|
||||
users.extraUsers."dd-agent" = {
|
||||
description = "Datadog Agent User";
|
||||
uid = config.ids.uids.dd-agent;
|
||||
group = "dd-agent";
|
||||
home = "/var/log/datadog/";
|
||||
createHome = true;
|
||||
};
|
||||
|
||||
users.extraGroups."dd-agent" = { };
|
||||
users.extraGroups.dd-agent.gid = config.ids.gids.dd-agent;
|
||||
|
||||
systemd.services.dd-agent = {
|
||||
description = "Datadog agent monitor";
|
||||
|
@ -188,16 +188,13 @@ in
|
||||
}
|
||||
|
||||
(mkIf config.services.samba.enable {
|
||||
users.extraUsers = singleton
|
||||
{ name = user;
|
||||
description = "Samba service user";
|
||||
group = group;
|
||||
};
|
||||
|
||||
users.extraGroups = singleton
|
||||
{ name = group;
|
||||
};
|
||||
users.extraUsers.smbguest = {
|
||||
description = "Samba service user";
|
||||
group = group;
|
||||
uid = config.ids.uids.smbguest;
|
||||
};
|
||||
|
||||
users.extraGroups.smbguest.gid = config.ids.uids.smbguest;
|
||||
|
||||
systemd = {
|
||||
targets.samba = {
|
||||
|
@ -55,9 +55,10 @@ in
|
||||
description = "Freenet daemon user";
|
||||
home = varDir;
|
||||
createHome = true;
|
||||
uid = config.ids.uids.freenet;
|
||||
};
|
||||
|
||||
users.extraGroups.freenet = {};
|
||||
users.extraGroups.freenet.gid = config.ids.gids.freenet;
|
||||
};
|
||||
|
||||
}
|
||||
|
@ -115,10 +115,11 @@ in
|
||||
users.extraUsers = singleton
|
||||
{ name = "ircd";
|
||||
description = "IRCD owner";
|
||||
group = "ircd";
|
||||
uid = config.ids.uids.ircd;
|
||||
};
|
||||
|
||||
users.extraGroups = singleton
|
||||
{ name = "ircd"; };
|
||||
users.extraGroups.ircd.gid = config.ids.gids.ircd;
|
||||
|
||||
jobs.ircd_hybrid =
|
||||
{ name = "ircd-hybrid";
|
||||
|
@ -103,18 +103,14 @@ in
|
||||
target = "dbus-1";
|
||||
};
|
||||
|
||||
users.extraUsers = singleton
|
||||
{ name = "messagebus";
|
||||
uid = config.ids.uids.messagebus;
|
||||
description = "D-Bus system message bus daemon user";
|
||||
home = homeDir;
|
||||
group = "messagebus";
|
||||
};
|
||||
users.extraUsers.messagebus = {
|
||||
uid = config.ids.uids.messagebus;
|
||||
description = "D-Bus system message bus daemon user";
|
||||
home = homeDir;
|
||||
group = "messagebus";
|
||||
};
|
||||
|
||||
users.extraGroups = singleton
|
||||
{ name = "messagebus";
|
||||
gid = config.ids.gids.messagebus;
|
||||
};
|
||||
users.extraGroups.messagebus.gid = config.ids.gids.messagebus;
|
||||
|
||||
# FIXME: these are copied verbatim from the dbus source tree. We
|
||||
# should install and use the originals.
|
||||
|
@ -54,11 +54,12 @@ in {
|
||||
|
||||
users.extraUsers.deluge = {
|
||||
group = "deluge";
|
||||
uid = config.ids.uids.deluge;
|
||||
home = "/var/lib/deluge/";
|
||||
createHome = true;
|
||||
description = "Deluge Daemon user";
|
||||
};
|
||||
|
||||
users.extraGroups.deluge = {};
|
||||
users.extraGroups.deluge.gid = config.ids.gids.deluge;
|
||||
};
|
||||
}
|
||||
|
@ -129,12 +129,13 @@ in
|
||||
|
||||
users.extraUsers.transmission = {
|
||||
group = "transmission";
|
||||
uid = config.ids.uids.transmission;
|
||||
description = "Transmission BitTorrent user";
|
||||
home = homeDir;
|
||||
createHome = true;
|
||||
};
|
||||
|
||||
users.extraGroups.transmission = {};
|
||||
users.extraGroups.transmission.gid = config.ids.gids.transmission;
|
||||
|
||||
# AppArmor profile
|
||||
security.apparmor.profiles = mkIf (config.security.apparmor.enable && cfg.apparmor) [
|
||||
|
@ -170,8 +170,9 @@ in
|
||||
users.extraUsers.lighttpd = {
|
||||
group = "lighttpd";
|
||||
description = "lighttpd web server privilege separation user";
|
||||
uid = config.ids.uids.lighttpd;
|
||||
};
|
||||
|
||||
users.extraGroups.lighttpd = {};
|
||||
users.extraGroups.lighttpd.gid = config.ids.gids.lighttpd;
|
||||
};
|
||||
}
|
||||
|
@ -47,8 +47,9 @@ with pkgs.lib;
|
||||
|
||||
users.extraUsers.varnish = {
|
||||
group = "varnish";
|
||||
uid = config.ids.uids.varnish;
|
||||
};
|
||||
|
||||
users.extraGroups.varnish = {};
|
||||
users.extraGroups.varnish.gid = config.ids.uids.varnish;
|
||||
};
|
||||
}
|
||||
|
@ -38,7 +38,7 @@ optionalAttrs (pkgs.stdenv.isi686 || pkgs.stdenv.isx86_64) # ugly...
|
||||
|
||||
boot.extraModulePackages = [ kernel.virtualboxGuestAdditions ];
|
||||
|
||||
users.extraGroups = singleton { name = "vboxsf"; };
|
||||
users.extraGroups.vboxsf.gid = config.ids.gids.vboxsf;
|
||||
|
||||
jobs.virtualbox =
|
||||
{ description = "VirtualBox Guest Services";
|
||||
|
Loading…
Reference in New Issue
Block a user