From 80721cdd41ff107c650e8349a03bea1f6f43cfbb Mon Sep 17 00:00:00 2001
From: Kirill Elagin <kirelagin@gmail.com>
Date: Wed, 11 Jun 2014 13:17:00 +0400
Subject: [PATCH 1/3] Revert "Fix configuring httpd with custom user/group."

This reverts commit 08f9da2e8eb9d3da39a1f28e191bd4fb7fd2fa45.
---
 nixos/modules/services/web-servers/apache-httpd/default.nix | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/nixos/modules/services/web-servers/apache-httpd/default.nix b/nixos/modules/services/web-servers/apache-httpd/default.nix
index b8359d4756b3..75ec6671d156 100644
--- a/nixos/modules/services/web-servers/apache-httpd/default.nix
+++ b/nixos/modules/services/web-servers/apache-httpd/default.nix
@@ -594,14 +594,14 @@ in
                      message = "SSL is enabled for HTTPD, but sslServerCert and/or sslServerKey haven't been specified."; }
                  ];
 
-    users.extraUsers = optional (mainCfg.user == "wwwrun")
+    users.extraUsers = optionalAttrs (mainCfg.user == "wwwrun") singleton
       { name = "wwwrun";
         group = "wwwrun";
         description = "Apache httpd user";
         uid = config.ids.uids.wwwrun;
       };
 
-    users.extraGroups = optional (mainCfg.group == "wwwrun")
+    users.extraGroups = optionalAttrs (mainCfg.group == "wwwrun") singleton
       { name = "wwwrun";
         gid = config.ids.gids.wwwrun;
       };

From 1208dd4df0602fb2f413a643eb9a7367bf1b6443 Mon Sep 17 00:00:00 2001
From: Kirill Elagin <kirelagin@gmail.com>
Date: Wed, 11 Jun 2014 13:17:42 +0400
Subject: [PATCH 2/3] Fix configuring apache with extra user/group

This fix is consistent with all the other modules.
---
 .../modules/services/web-servers/apache-httpd/default.nix | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/nixos/modules/services/web-servers/apache-httpd/default.nix b/nixos/modules/services/web-servers/apache-httpd/default.nix
index 75ec6671d156..c76f127b721e 100644
--- a/nixos/modules/services/web-servers/apache-httpd/default.nix
+++ b/nixos/modules/services/web-servers/apache-httpd/default.nix
@@ -594,17 +594,17 @@ in
                      message = "SSL is enabled for HTTPD, but sslServerCert and/or sslServerKey haven't been specified."; }
                  ];
 
-    users.extraUsers = optionalAttrs (mainCfg.user == "wwwrun") singleton
+    users.extraUsers = optionalAttrs (mainCfg.user == "wwwrun") (singleton
       { name = "wwwrun";
         group = "wwwrun";
         description = "Apache httpd user";
         uid = config.ids.uids.wwwrun;
-      };
+      });
 
-    users.extraGroups = optionalAttrs (mainCfg.group == "wwwrun") singleton
+    users.extraGroups = optionalAttrs (mainCfg.group == "wwwrun") (singleton
       { name = "wwwrun";
         gid = config.ids.gids.wwwrun;
-      };
+      });
 
     environment.systemPackages = [httpd] ++ concatMap (svc: svc.extraPath) allSubservices;
 

From f81434bdfe5cf4946a7b731c7a158873fea0b261 Mon Sep 17 00:00:00 2001
From: Kirill Elagin <kirelagin@gmail.com>
Date: Wed, 11 Jun 2014 13:36:15 +0400
Subject: [PATCH 3/3] Fix trying to add users to non-existent groups

---
 nixos/modules/services/databases/openldap.nix               | 2 +-
 nixos/modules/services/web-servers/apache-httpd/default.nix | 2 +-
 nixos/modules/services/web-servers/nginx/default.nix        | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/nixos/modules/services/databases/openldap.nix b/nixos/modules/services/databases/openldap.nix
index c95238b34515..eae4c114fc12 100644
--- a/nixos/modules/services/databases/openldap.nix
+++ b/nixos/modules/services/databases/openldap.nix
@@ -68,7 +68,7 @@ in
 
     users.extraUsers = optionalAttrs (cfg.user == "openldap") (singleton
       { name = "openldap";
-        group = "openldap";
+        group = cfg.group;
         uid = config.ids.uids.openldap;
       });
 
diff --git a/nixos/modules/services/web-servers/apache-httpd/default.nix b/nixos/modules/services/web-servers/apache-httpd/default.nix
index c76f127b721e..6d0416fbb155 100644
--- a/nixos/modules/services/web-servers/apache-httpd/default.nix
+++ b/nixos/modules/services/web-servers/apache-httpd/default.nix
@@ -596,7 +596,7 @@ in
 
     users.extraUsers = optionalAttrs (mainCfg.user == "wwwrun") (singleton
       { name = "wwwrun";
-        group = "wwwrun";
+        group = mainCfg.group;
         description = "Apache httpd user";
         uid = config.ids.uids.wwwrun;
       });
diff --git a/nixos/modules/services/web-servers/nginx/default.nix b/nixos/modules/services/web-servers/nginx/default.nix
index ff94ee42d28d..ef1aaee75579 100644
--- a/nixos/modules/services/web-servers/nginx/default.nix
+++ b/nixos/modules/services/web-servers/nginx/default.nix
@@ -105,7 +105,7 @@ in
 
     users.extraUsers = optionalAttrs (cfg.user == "nginx") (singleton
       { name = "nginx";
-        group = "nginx";
+        group = cfg.group;
         uid = config.ids.uids.nginx;
       });