swendel/nixpkgs
1
0
Fork 0
mirror of https://github.com/SebastianWendel/nixpkgs.git synced 2024-09-20 12:29:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #42887 from matthewbauer/libsecurity-closure-reductions

Browse source 
Libsecurity closure reductions
This commit is contained in:
Matthew Bauer 2018-07-02 18:34:53 -04:00 committed by GitHub
parent c1ffc65d1a d568d5016a
commit e8e26becac
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
356 changed files with 3115 additions and 2085 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
doc/languages-frameworks/python.section.md
View file

@ -1029,7 +1029,7 @@ To alter a python package using overlays, you would use the following approach:
```nix ```nix
self: super: self: super:
rec { {
python = super.python.override { python = super.python.override {
packageOverrides = python-self: python-super: { packageOverrides = python-self: python-super: {
bepasty-server = python-super.bepasty-server.overrideAttrs ( oldAttrs: { bepasty-server = python-super.bepasty-server.overrideAttrs ( oldAttrs: {
@ -1041,7 +1041,7 @@ rec {
}); });
}; };
}; };
pythonPackages = python.pkgs; pythonPackages = self.python.pkgs;
} }
``` ```

4
nixos/modules/config/ldap.nix
View file

@ -215,11 +215,11 @@ in
); );
users = mkIf cfg.daemon.enable { users = mkIf cfg.daemon.enable {
extraGroups.nslcd = { groups.nslcd = {
gid = config.ids.gids.nslcd; gid = config.ids.gids.nslcd;
}; };
extraUsers.nslcd = { users.nslcd = {
uid = config.ids.uids.nslcd; uid = config.ids.uids.nslcd;
description = "nslcd user."; description = "nslcd user.";
group = "nslcd"; group = "nslcd";

4
nixos/modules/config/pulseaudio.nix
View file

@ -264,7 +264,7 @@ in {
}) })
(mkIf systemWide { (mkIf systemWide {
users.extraUsers.pulse = { users.users.pulse = {
# For some reason, PulseAudio wants UID == GID. # For some reason, PulseAudio wants UID == GID.
uid = assert uid == gid; uid; uid = assert uid == gid; uid;
group = "pulse"; group = "pulse";
@ -274,7 +274,7 @@ in {
createHome = true; createHome = true;
}; };
users.extraGroups.pulse.gid = gid; users.groups.pulse.gid = gid;
systemd.services.pulseaudio = { systemd.services.pulseaudio = {
description = "PulseAudio System-Wide Server"; description = "PulseAudio System-Wide Server";

2
nixos/modules/hardware/nitrokey.nix
View file

@ -36,6 +36,6 @@ in
{ inherit (cfg) group; } { inherit (cfg) group; }
)) ))
]; ];
users.extraGroups."${cfg.group}" = {}; users.groups."${cfg.group}" = {};
}; };
} }

2
nixos/modules/installer/cd-dvd/installation-cd-base.nix
View file

@ -30,7 +30,7 @@ with lib;
boot.loader.grub.memtest86.enable = true; boot.loader.grub.memtest86.enable = true;
# Allow the user to log in as root without a password. # Allow the user to log in as root without a password.
users.extraUsers.root.initialHashedPassword = ""; users.users.root.initialHashedPassword = "";
system.nixos.stateVersion = mkDefault "18.03"; system.nixos.stateVersion = mkDefault "18.03";
} }

2
nixos/modules/installer/cd-dvd/sd-image-aarch64.nix
View file

@ -34,7 +34,7 @@ in
boot.kernelParams = ["cma=32M" "console=ttyS0,115200n8" "console=ttyAMA0,115200n8" "console=tty0"]; boot.kernelParams = ["cma=32M" "console=ttyS0,115200n8" "console=ttyAMA0,115200n8" "console=tty0"];
# FIXME: this probably should be in installation-device.nix # FIXME: this probably should be in installation-device.nix
users.extraUsers.root.initialHashedPassword = ""; users.users.root.initialHashedPassword = "";
sdImage = { sdImage = {
populateBootCommands = let populateBootCommands = let

2
nixos/modules/installer/cd-dvd/sd-image-armv7l-multiplatform.nix
View file

@ -35,7 +35,7 @@ in
boot.kernelParams = ["console=ttyS0,115200n8" "console=ttymxc0,115200n8" "console=ttyAMA0,115200n8" "console=ttyO0,115200n8" "console=ttySAC2,115200n8" "console=tty0"]; boot.kernelParams = ["console=ttyS0,115200n8" "console=ttymxc0,115200n8" "console=ttyAMA0,115200n8" "console=ttyO0,115200n8" "console=ttySAC2,115200n8" "console=tty0"];
# FIXME: this probably should be in installation-device.nix # FIXME: this probably should be in installation-device.nix
users.extraUsers.root.initialHashedPassword = ""; users.users.root.initialHashedPassword = "";
sdImage = { sdImage = {
populateBootCommands = let populateBootCommands = let

2
nixos/modules/installer/cd-dvd/sd-image-raspberrypi.nix
View file

@ -28,7 +28,7 @@ in
boot.kernelPackages = pkgs.linuxPackages_rpi; boot.kernelPackages = pkgs.linuxPackages_rpi;
# FIXME: this probably should be in installation-device.nix # FIXME: this probably should be in installation-device.nix
users.extraUsers.root.initialHashedPassword = ""; users.users.root.initialHashedPassword = "";
sdImage = { sdImage = {
populateBootCommands = let populateBootCommands = let

2
nixos/modules/installer/netboot/netboot-base.nix
View file

@ -16,5 +16,5 @@ with lib;
]; ];
# Allow the user to log in as root without a password. # Allow the user to log in as root without a password.
users.extraUsers.root.initialHashedPassword = ""; users.users.root.initialHashedPassword = "";
} }

2
nixos/modules/installer/tools/nixos-generate-config.pl
View file

@ -619,7 +619,7 @@ $bootLoaderConfig
# services.xserver.desktopManager.plasma5.enable = true; # services.xserver.desktopManager.plasma5.enable = true;
# Define a user account. Don't forget to set a password with passwd. # Define a user account. Don't forget to set a password with passwd.
# users.extraUsers.guest = { # users.users.guest = {
# isNormalUser = true; # isNormalUser = true;
# uid = 1000; # uid = 1000;
# }; # };

2
nixos/modules/installer/virtualbox-demo.nix
View file

@ -14,7 +14,7 @@ with lib;
boot.loader.grub.fsIdentifier = "provided"; boot.loader.grub.fsIdentifier = "provided";
# Allow mounting of shared folders. # Allow mounting of shared folders.
users.extraUsers.demo.extraGroups = [ "vboxsf" ]; users.users.demo.extraGroups = [ "vboxsf" ];
# Add some more video drivers to give X11 a shot at working in # Add some more video drivers to give X11 a shot at working in
# VMware and QEMU. # VMware and QEMU.

2
nixos/modules/misc/locate.nix
View file

@ -101,7 +101,7 @@ in {
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.extraGroups = mkIf isMLocate { mlocate = {}; }; users.groups = mkIf isMLocate { mlocate = {}; };
security.wrappers = mkIf isMLocate { security.wrappers = mkIf isMLocate {
locate = { locate = {

2
nixos/modules/profiles/demo.nix
View file

@ -3,7 +3,7 @@
{ {
imports = [ ./graphical.nix ]; imports = [ ./graphical.nix ];
users.extraUsers.demo = users.users.demo =
{ isNormalUser = true; { isNormalUser = true;
description = "Demo user account"; description = "Demo user account";
extraGroups = [ "wheel" ]; extraGroups = [ "wheel" ];

4
nixos/modules/programs/adb.nix
View file

@ -14,7 +14,7 @@ with lib;
description = '' description = ''
Whether to configure system to use Android Debug Bridge (adb). Whether to configure system to use Android Debug Bridge (adb).
To grant access to a user, it must be part of adbusers group: To grant access to a user, it must be part of adbusers group:
<code>users.extraUsers.alice.extraGroups = ["adbusers"];</code> <code>users.users.alice.extraGroups = ["adbusers"];</code>
''; '';
relatedPackages = [ ["androidenv" "platformTools"] ]; relatedPackages = [ ["androidenv" "platformTools"] ];
}; };
@ -25,6 +25,6 @@ with lib;
config = mkIf config.programs.adb.enable { config = mkIf config.programs.adb.enable {
services.udev.packages = [ pkgs.android-udev-rules ]; services.udev.packages = [ pkgs.android-udev-rules ];
environment.systemPackages = [ pkgs.androidenv.platformTools ]; environment.systemPackages = [ pkgs.androidenv.platformTools ];
users.extraGroups.adbusers = {}; users.groups.adbusers = {};
}; };
} }

4
nixos/modules/programs/gphoto2.nix
View file

@ -15,7 +15,7 @@ with lib;
Whether to configure system to use gphoto2. Whether to configure system to use gphoto2.
To grant digital camera access to a user, the user must To grant digital camera access to a user, the user must
be part of the camera group: be part of the camera group:
<code>users.extraUsers.alice.extraGroups = ["camera"];</code> <code>users.users.alice.extraGroups = ["camera"];</code>
''; '';
}; };
}; };
@ -25,6 +25,6 @@ with lib;
config = mkIf config.programs.gphoto2.enable { config = mkIf config.programs.gphoto2.enable {
services.udev.packages = [ pkgs.libgphoto2 ]; services.udev.packages = [ pkgs.libgphoto2 ];
environment.systemPackages = [ pkgs.gphoto2 ]; environment.systemPackages = [ pkgs.gphoto2 ];
users.extraGroups.camera = {}; users.groups.camera = {};
}; };
} }

2
nixos/modules/programs/sway.nix
View file

@ -73,7 +73,7 @@ in {
permissions = "u+rx,g+rx"; permissions = "u+rx,g+rx";
}; };
users.extraGroups.sway = {}; users.groups.sway = {};
security.pam.services.swaylock = {}; security.pam.services.swaylock = {};
hardware.opengl.enable = mkDefault true; hardware.opengl.enable = mkDefault true;

2
nixos/modules/programs/wireshark.nix
View file

@ -29,7 +29,7 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
environment.systemPackages = [ wireshark ]; environment.systemPackages = [ wireshark ];
users.extraGroups.wireshark = {}; users.groups.wireshark = {};
security.wrappers.dumpcap = { security.wrappers.dumpcap = {
source = "${wireshark}/bin/dumpcap"; source = "${wireshark}/bin/dumpcap";

2
nixos/modules/security/pam_mount.nix
View file

@ -40,7 +40,7 @@ in
target = "security/pam_mount.conf.xml"; target = "security/pam_mount.conf.xml";
source = source =
let let
extraUserVolumes = filterAttrs (n: u: u.cryptHomeLuks != null) config.users.extraUsers; extraUserVolumes = filterAttrs (n: u: u.cryptHomeLuks != null) config.users.users;
userVolumeEntry = user: "<volume user=\"${user.name}\" path=\"${user.cryptHomeLuks}\" mountpoint=\"${user.home}\" />\n"; userVolumeEntry = user: "<volume user=\"${user.name}\" path=\"${user.cryptHomeLuks}\" mountpoint=\"${user.home}\" />\n";
in in
pkgs.writeText "pam_mount.conf.xml" '' pkgs.writeText "pam_mount.conf.xml" ''

2
nixos/modules/security/polkit.nix
View file

@ -94,7 +94,7 @@ in
rm -rf /var/lib/{polkit-1,PolicyKit} rm -rf /var/lib/{polkit-1,PolicyKit}
''; '';
users.extraUsers.polkituser = { users.users.polkituser = {
description = "PolKit daemon"; description = "PolKit daemon";
uid = config.ids.uids.polkituser; uid = config.ids.uids.polkituser;
}; };

2
nixos/modules/security/rtkit.nix
View file

@ -34,7 +34,7 @@ with lib;
services.dbus.packages = [ pkgs.rtkit ]; services.dbus.packages = [ pkgs.rtkit ];
users.extraUsers = singleton users.users = singleton
{ name = "rtkit"; { name = "rtkit";
uid = config.ids.uids.rtkit; uid = config.ids.uids.rtkit;
description = "RealtimeKit daemon"; description = "RealtimeKit daemon";

4
nixos/modules/services/admin/oxidized.nix
View file

@ -83,8 +83,8 @@ in
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.extraGroups.${cfg.group} = { }; users.groups.${cfg.group} = { };
users.extraUsers.${cfg.user} = { users.users.${cfg.user} = {
description = "Oxidized service user"; description = "Oxidized service user";
group = cfg.group; group = cfg.group;
home = cfg.dataDir; home = cfg.dataDir;

4
nixos/modules/services/amqp/activemq/default.nix
View file

@ -93,13 +93,13 @@ in {
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.extraUsers.activemq = { users.users.activemq = {
description = "ActiveMQ server user"; description = "ActiveMQ server user";
group = "activemq"; group = "activemq";
uid = config.ids.uids.activemq; uid = config.ids.uids.activemq;
}; };
users.extraGroups.activemq.gid = config.ids.gids.activemq; users.groups.activemq.gid = config.ids.gids.activemq;
systemd.services.activemq_init = { systemd.services.activemq_init = {
wantedBy = [ "activemq.service" ]; wantedBy = [ "activemq.service" ];

4
nixos/modules/services/amqp/rabbitmq.nix
View file

@ -83,7 +83,7 @@ in {
environment.systemPackages = [ pkgs.rabbitmq_server ]; environment.systemPackages = [ pkgs.rabbitmq_server ];
users.extraUsers.rabbitmq = { users.users.rabbitmq = {
description = "RabbitMQ server user"; description = "RabbitMQ server user";
home = "${cfg.dataDir}"; home = "${cfg.dataDir}";
createHome = true; createHome = true;
@ -91,7 +91,7 @@ in {
uid = config.ids.uids.rabbitmq; uid = config.ids.uids.rabbitmq;
}; };
users.extraGroups.rabbitmq.gid = config.ids.gids.rabbitmq; users.groups.rabbitmq.gid = config.ids.gids.rabbitmq;
systemd.services.rabbitmq = { systemd.services.rabbitmq = {
description = "RabbitMQ Server"; description = "RabbitMQ Server";

4
nixos/modules/services/audio/liquidsoap.nix
View file

@ -57,7 +57,7 @@ in
config = mkIf (builtins.length streams != 0) { config = mkIf (builtins.length streams != 0) {
users.extraUsers.liquidsoap = { users.users.liquidsoap = {
uid = config.ids.uids.liquidsoap; uid = config.ids.uids.liquidsoap;
group = "liquidsoap"; group = "liquidsoap";
extraGroups = [ "audio" ]; extraGroups = [ "audio" ];
@ -66,7 +66,7 @@ in
createHome = true; createHome = true;
}; };
users.extraGroups.liquidsoap.gid = config.ids.gids.liquidsoap; users.groups.liquidsoap.gid = config.ids.gids.liquidsoap;
systemd.services = builtins.listToAttrs ( map streamService streams ); systemd.services = builtins.listToAttrs ( map streamService streams );
}; };

4
nixos/modules/services/audio/mopidy.nix
View file

@ -93,7 +93,7 @@ in {
}; };
}; };
users.extraUsers.mopidy = { users.users.mopidy = {
inherit uid; inherit uid;
group = "mopidy"; group = "mopidy";
extraGroups = [ "audio" ]; extraGroups = [ "audio" ];
@ -101,7 +101,7 @@ in {
home = "${cfg.dataDir}"; home = "${cfg.dataDir}";
}; };
users.extraGroups.mopidy.gid = gid; users.groups.mopidy.gid = gid;
}; };

4
nixos/modules/services/audio/mpd.nix
View file

@ -184,7 +184,7 @@ in {
}; };
}; };
users.extraUsers = optionalAttrs (cfg.user == name) (singleton { users.users = optionalAttrs (cfg.user == name) (singleton {
inherit uid; inherit uid;
inherit name; inherit name;
group = cfg.group; group = cfg.group;
@ -193,7 +193,7 @@ in {
home = "${cfg.dataDir}"; home = "${cfg.dataDir}";
}); });
users.extraGroups = optionalAttrs (cfg.group == name) (singleton { users.groups = optionalAttrs (cfg.group == name) (singleton {
inherit name; inherit name;
gid = gid; gid = gid;
}); });

2
nixos/modules/services/audio/squeezelite.nix
View file

@ -54,7 +54,7 @@ in {
}; };
}; };
users.extraUsers.squeezelite= { users.users.squeezelite= {
inherit uid; inherit uid;
group = "nogroup"; group = "nogroup";
extraGroups = [ "audio" ]; extraGroups = [ "audio" ];

4
nixos/modules/services/backup/bacula.nix
View file

@ -397,7 +397,7 @@ in {
environment.systemPackages = [ pkgs.bacula ]; environment.systemPackages = [ pkgs.bacula ];
users.extraUsers.bacula = { users.users.bacula = {
group = "bacula"; group = "bacula";
uid = config.ids.uids.bacula; uid = config.ids.uids.bacula;
home = "${libDir}"; home = "${libDir}";
@ -406,6 +406,6 @@ in {
shell = "${pkgs.bash}/bin/bash"; shell = "${pkgs.bash}/bin/bash";
}; };
users.extraGroups.bacula.gid = config.ids.gids.bacula; users.groups.bacula.gid = config.ids.gids.bacula;
}; };
} }

4
nixos/modules/services/backup/duplicati.nix
View file

@ -44,13 +44,13 @@ in
}; };
}; };
users.extraUsers.duplicati = { users.users.duplicati = {
uid = config.ids.uids.duplicati; uid = config.ids.uids.duplicati;
home = "/var/lib/duplicati"; home = "/var/lib/duplicati";
createHome = true; createHome = true;
group = "duplicati"; group = "duplicati";
}; };
users.extraGroups.duplicati.gid = config.ids.gids.duplicati; users.groups.duplicati.gid = config.ids.gids.duplicati;
}; };
} }

2
nixos/modules/services/backup/mysql-backup.nix
View file

@ -84,7 +84,7 @@ in
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.extraUsers = optionalAttrs (cfg.user == defaultUser) (singleton users.users = optionalAttrs (cfg.user == defaultUser) (singleton
{ name = defaultUser; { name = defaultUser;
isSystemUser = true; isSystemUser = true;
createHome = false; createHome = false;

4
nixos/modules/services/backup/restic-rest-server.nix
View file

@ -95,13 +95,13 @@ in
}; };
}; };
users.extraUsers.restic = { users.users.restic = {
group = "restic"; group = "restic";
home = cfg.dataDir; home = cfg.dataDir;
createHome = true; createHome = true;
uid = config.ids.uids.restic; uid = config.ids.uids.restic;
}; };
users.extraGroups.restic.gid = config.ids.uids.restic; users.groups.restic.gid = config.ids.uids.restic;
}; };
} }

6
nixos/modules/services/cluster/hadoop/default.nix
View file

@ -52,9 +52,9 @@ with lib;
config = mkMerge [ config = mkMerge [
(mkIf (builtins.hasAttr "yarn" config.users.extraUsers || (mkIf (builtins.hasAttr "yarn" config.users.users ||
builtins.hasAttr "hdfs" config.users.extraUsers ) { builtins.hasAttr "hdfs" config.users.users) {
users.extraGroups.hadoop = { users.groups.hadoop = {
gid = config.ids.gids.hadoop; gid = config.ids.gids.hadoop;
}; };
}) })

2
nixos/modules/services/cluster/hadoop/hdfs.nix
View file

@ -62,7 +62,7 @@ with lib;
(mkIf ( (mkIf (
cfg.hdfs.namenode.enabled || cfg.hdfs.datanode.enabled cfg.hdfs.namenode.enabled || cfg.hdfs.datanode.enabled
) { ) {
users.extraUsers.hdfs = { users.users.hdfs = {
description = "Hadoop HDFS user"; description = "Hadoop HDFS user";
group = "hadoop"; group = "hadoop";
uid = config.ids.uids.hdfs; uid = config.ids.uids.hdfs;

2
nixos/modules/services/cluster/hadoop/yarn.nix
View file

@ -27,7 +27,7 @@ with lib;
cfg.yarn.resourcemanager.enabled || cfg.yarn.nodemanager.enabled cfg.yarn.resourcemanager.enabled || cfg.yarn.nodemanager.enabled
) { ) {
users.extraUsers.yarn = { users.users.yarn = {
description = "Hadoop YARN user"; description = "Hadoop YARN user";
group = "hadoop"; group = "hadoop";
uid = config.ids.uids.yarn; uid = config.ids.uids.yarn;

4
nixos/modules/services/cluster/kubernetes/default.nix
View file

@ -1145,7 +1145,7 @@ in {
]; ];
environment.systemPackages = [ cfg.package ]; environment.systemPackages = [ cfg.package ];
users.extraUsers = singleton { users.users = singleton {
name = "kubernetes"; name = "kubernetes";
uid = config.ids.uids.kubernetes; uid = config.ids.uids.kubernetes;
description = "Kubernetes user"; description = "Kubernetes user";
@ -1154,7 +1154,7 @@ in {
home = cfg.dataDir; home = cfg.dataDir;
createHome = true; createHome = true;
}; };
users.extraGroups.kubernetes.gid = config.ids.gids.kubernetes; users.groups.kubernetes.gid = config.ids.gids.kubernetes;
# dns addon is enabled by default # dns addon is enabled by default
services.kubernetes.addons.dns.enable = mkDefault true; services.kubernetes.addons.dns.enable = mkDefault true;

4
nixos/modules/services/continuous-integration/buildbot/master.nix
View file

@ -191,11 +191,11 @@ in {
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.extraGroups = optional (cfg.group == "buildbot") { users.groups = optional (cfg.group == "buildbot") {
name = "buildbot"; name = "buildbot";
}; };
users.extraUsers = optional (cfg.user == "buildbot") { users.users = optional (cfg.user == "buildbot") {
name = "buildbot"; name = "buildbot";
description = "Buildbot User."; description = "Buildbot User.";
isNormalUser = true; isNormalUser = true;

4
nixos/modules/services/continuous-integration/buildbot/worker.nix
View file

@ -84,11 +84,11 @@ in {
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.extraGroups = optional (cfg.group == "bbworker") { users.groups = optional (cfg.group == "bbworker") {
name = "bbworker"; name = "bbworker";
}; };
users.extraUsers = optional (cfg.user == "bbworker") { users.users = optional (cfg.user == "bbworker") {
name = "bbworker"; name = "bbworker";
description = "Buildbot Worker User."; description = "Buildbot Worker User.";
isNormalUser = true; isNormalUser = true;

2
nixos/modules/services/continuous-integration/buildkite-agent.nix
View file

@ -185,7 +185,7 @@ in
}; };
config = mkIf config.services.buildkite-agent.enable { config = mkIf config.services.buildkite-agent.enable {
users.extraUsers.buildkite-agent = users.users.buildkite-agent =
{ name = "buildkite-agent"; { name = "buildkite-agent";
home = cfg.dataDir; home = cfg.dataDir;
createHome = true; createHome = true;

4
nixos/modules/services/continuous-integration/gitlab-runner.nix
View file

@ -134,7 +134,7 @@ in
# Make the gitlab-runner command availabe so users can query the runner # Make the gitlab-runner command availabe so users can query the runner
environment.systemPackages = [ cfg.package ]; environment.systemPackages = [ cfg.package ];
users.extraUsers.gitlab-runner = { users.users.gitlab-runner = {
group = "gitlab-runner"; group = "gitlab-runner";
extraGroups = optional hasDocker "docker"; extraGroups = optional hasDocker "docker";
uid = config.ids.uids.gitlab-runner; uid = config.ids.uids.gitlab-runner;
@ -142,6 +142,6 @@ in
createHome = true; createHome = true;
}; };
users.extraGroups.gitlab-runner.gid = config.ids.gids.gitlab-runner; users.groups.gitlab-runner.gid = config.ids.gids.gitlab-runner;
}; };
} }

4
nixos/modules/services/continuous-integration/gocd-agent/default.nix
View file

@ -135,12 +135,12 @@ in {
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.extraGroups = optional (cfg.group == "gocd-agent") { users.groups = optional (cfg.group == "gocd-agent") {
name = "gocd-agent"; name = "gocd-agent";
gid = config.ids.gids.gocd-agent; gid = config.ids.gids.gocd-agent;
}; };
users.extraUsers = optional (cfg.user == "gocd-agent") { users.users = optional (cfg.user == "gocd-agent") {
name = "gocd-agent"; name = "gocd-agent";
description = "gocd-agent user"; description = "gocd-agent user";
createHome = true; createHome = true;

8
nixos/modules/services/continuous-integration/gocd-server/default.nix
View file

@ -113,8 +113,8 @@ in {
extraOptions = mkOption { extraOptions = mkOption {
default = [ ]; default = [ ];
example = [ example = [
"-X debug" "-X debug"
"-Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005" "-Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=5005"
"-verbose:gc" "-verbose:gc"
"-Xloggc:go-server-gc.log" "-Xloggc:go-server-gc.log"
@ -143,12 +143,12 @@ in {
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.extraGroups = optional (cfg.group == "gocd-server") { users.groups = optional (cfg.group == "gocd-server") {
name = "gocd-server"; name = "gocd-server";
gid = config.ids.gids.gocd-server; gid = config.ids.gids.gocd-server;
}; };
users.extraUsers = optional (cfg.user == "gocd-server") { users.users = optional (cfg.user == "gocd-server") {
name = "gocd-server"; name = "gocd-server";
description = "gocd-server user"; description = "gocd-server user";
createHome = true; createHome = true;

8
nixos/modules/services/continuous-integration/hydra/default.nix
View file

@ -194,11 +194,11 @@ in
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.extraGroups.hydra = { users.groups.hydra = {
gid = config.ids.gids.hydra; gid = config.ids.gids.hydra;
}; };
users.extraUsers.hydra = users.users.hydra =
{ description = "Hydra"; { description = "Hydra";
group = "hydra"; group = "hydra";
createHome = true; createHome = true;
@ -207,7 +207,7 @@ in
uid = config.ids.uids.hydra; uid = config.ids.uids.hydra;
}; };
users.extraUsers.hydra-queue-runner = users.users.hydra-queue-runner =
{ description = "Hydra queue runner"; { description = "Hydra queue runner";
group = "hydra"; group = "hydra";
useDefaultShell = true; useDefaultShell = true;
@ -215,7 +215,7 @@ in
uid = config.ids.uids.hydra-queue-runner; uid = config.ids.uids.hydra-queue-runner;
}; };
users.extraUsers.hydra-www = users.users.hydra-www =
{ description = "Hydra web server"; { description = "Hydra web server";
group = "hydra"; group = "hydra";
useDefaultShell = true; useDefaultShell = true;

4
nixos/modules/services/continuous-integration/jenkins/default.nix
View file

@ -150,12 +150,12 @@ in {
pkgs.dejavu_fonts pkgs.dejavu_fonts
]; ];
users.extraGroups = optional (cfg.group == "jenkins") { users.groups = optional (cfg.group == "jenkins") {
name = "jenkins"; name = "jenkins";
gid = config.ids.gids.jenkins; gid = config.ids.gids.jenkins;
}; };
users.extraUsers = optional (cfg.user == "jenkins") { users.users = optional (cfg.user == "jenkins") {
name = "jenkins"; name = "jenkins";
description = "jenkins user"; description = "jenkins user";
createHome = true; createHome = true;

4
nixos/modules/services/continuous-integration/jenkins/slave.nix
View file

@ -50,12 +50,12 @@ in {
}; };
config = mkIf (cfg.enable && !masterCfg.enable) { config = mkIf (cfg.enable && !masterCfg.enable) {
users.extraGroups = optional (cfg.group == "jenkins") { users.groups = optional (cfg.group == "jenkins") {
name = "jenkins"; name = "jenkins";
gid = config.ids.gids.jenkins; gid = config.ids.gids.jenkins;
}; };
users.extraUsers = optional (cfg.user == "jenkins") { users.users = optional (cfg.user == "jenkins") {
name = "jenkins"; name = "jenkins";
description = "jenkins user"; description = "jenkins user";
createHome = true; createHome = true;

2
nixos/modules/services/databases/4store-endpoint.nix
View file

@ -52,7 +52,7 @@ with lib;
message = "Must specify 4Store database name"; message = "Must specify 4Store database name";
}; };
users.extraUsers = singleton users.users = singleton
{ name = endpointUser; { name = endpointUser;
uid = config.ids.uids.fourstorehttp; uid = config.ids.uids.fourstorehttp;
description = "4Store SPARQL endpoint user"; description = "4Store SPARQL endpoint user";

2
nixos/modules/services/databases/4store.nix
View file

@ -43,7 +43,7 @@ with lib;
message = "Must specify 4Store database name."; message = "Must specify 4Store database name.";
}; };
users.extraUsers = singleton users.users = singleton
{ name = fourStoreUser; { name = fourStoreUser;
uid = config.ids.uids.fourstore; uid = config.ids.uids.fourstore;
description = "4Store database user"; description = "4Store database user";

2
nixos/modules/services/databases/cassandra.nix
View file

@ -420,7 +420,7 @@ in {
9160 9160
]; ];
users.extraUsers.cassandra = users.users.cassandra =
if config.ids.uids ? "cassandra" if config.ids.uids ? "cassandra"
then { uid = config.ids.uids.cassandra; } // cassandraUser then { uid = config.ids.uids.cassandra; } // cassandraUser
else cassandraUser ; else cassandraUser ;

4
nixos/modules/services/databases/clickhouse.nix
View file

@ -27,14 +27,14 @@ with lib;
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.extraUsers.clickhouse = { users.users.clickhouse = {
name = "clickhouse"; name = "clickhouse";
uid = config.ids.uids.clickhouse; uid = config.ids.uids.clickhouse;
group = "clickhouse"; group = "clickhouse";
description = "ClickHouse server user"; description = "ClickHouse server user";
}; };
users.extraGroups.clickhouse.gid = config.ids.gids.clickhouse; users.groups.clickhouse.gid = config.ids.gids.clickhouse;
systemd.services.clickhouse = { systemd.services.clickhouse = {
description = "ClickHouse server"; description = "ClickHouse server";

4
nixos/modules/services/databases/couchdb.nix
View file

@ -198,13 +198,13 @@ in {
}; };
}; };
users.extraUsers.couchdb = { users.users.couchdb = {
description = "CouchDB Server user"; description = "CouchDB Server user";
group = "couchdb"; group = "couchdb";
uid = config.ids.uids.couchdb; uid = config.ids.uids.couchdb;
}; };
users.extraGroups.couchdb.gid = config.ids.gids.couchdb; users.groups.couchdb.gid = config.ids.gids.couchdb;
}; };
} }

4
nixos/modules/services/databases/firebird.nix
View file

@ -154,13 +154,13 @@ in
# there are some additional settings which should be reviewed # there are some additional settings which should be reviewed
''; '';
users.extraUsers.firebird = { users.users.firebird = {
description = "Firebird server user"; description = "Firebird server user";
group = "firebird"; group = "firebird";
uid = config.ids.uids.firebird; uid = config.ids.uids.firebird;
}; };
users.extraGroups.firebird.gid = config.ids.gids.firebird; users.groups.firebird.gid = config.ids.gids.firebird;
}; };
} }

4
nixos/modules/services/databases/foundationdb.nix
View file

@ -325,14 +325,14 @@ in
environment.systemPackages = [ pkg ]; environment.systemPackages = [ pkg ];
users.extraUsers = optionalAttrs (cfg.user == "foundationdb") (singleton users.users = optionalAttrs (cfg.user == "foundationdb") (singleton
{ name = "foundationdb"; { name = "foundationdb";
description = "FoundationDB User"; description = "FoundationDB User";
uid = config.ids.uids.foundationdb; uid = config.ids.uids.foundationdb;
group = cfg.group; group = cfg.group;
}); });
users.extraGroups = optionalAttrs (cfg.group == "foundationdb") (singleton users.groups = optionalAttrs (cfg.group == "foundationdb") (singleton
{ name = "foundationdb"; { name = "foundationdb";
gid = config.ids.gids.foundationdb; gid = config.ids.gids.foundationdb;
}); });

4
nixos/modules/services/databases/hbase.nix
View file

@ -122,13 +122,13 @@ in {
}; };
}; };
users.extraUsers.hbase = { users.users.hbase = {
description = "HBase Server user"; description = "HBase Server user";
group = "hbase"; group = "hbase";
uid = config.ids.uids.hbase; uid = config.ids.uids.hbase;
}; };
users.extraGroups.hbase.gid = config.ids.gids.hbase; users.groups.hbase.gid = config.ids.gids.hbase;
}; };
} }

4
nixos/modules/services/databases/influxdb.nix
View file

@ -182,13 +182,13 @@ in
''; '';
}; };
users.extraUsers = optional (cfg.user == "influxdb") { users.users = optional (cfg.user == "influxdb") {
name = "influxdb"; name = "influxdb";
uid = config.ids.uids.influxdb; uid = config.ids.uids.influxdb;
description = "Influxdb daemon user"; description = "Influxdb daemon user";
}; };
users.extraGroups = optional (cfg.group == "influxdb") { users.groups = optional (cfg.group == "influxdb") {
name = "influxdb"; name = "influxdb";
gid = config.ids.gids.influxdb; gid = config.ids.gids.influxdb;
}; };

2
nixos/modules/services/databases/memcached.nix
View file

@ -64,7 +64,7 @@ in
config = mkIf config.services.memcached.enable { config = mkIf config.services.memcached.enable {
users.extraUsers = optional (cfg.user == "memcached") { users.users = optional (cfg.user == "memcached") {
name = "memcached"; name = "memcached";
description = "Memcached server user"; description = "Memcached server user";
}; };

2
nixos/modules/services/databases/mongodb.nix
View file

@ -93,7 +93,7 @@ in
config = mkIf config.services.mongodb.enable { config = mkIf config.services.mongodb.enable {
users.extraUsers.mongodb = mkIf (cfg.user == "mongodb") users.users.mongodb = mkIf (cfg.user == "mongodb")
{ name = "mongodb"; { name = "mongodb";
uid = config.ids.uids.mongodb; uid = config.ids.uids.mongodb;
description = "MongoDB server user"; description = "MongoDB server user";

4
nixos/modules/services/databases/mysql.nix
View file

@ -221,13 +221,13 @@ in
mkDefault (if versionAtLeast config.system.nixos.stateVersion "17.09" then "/var/lib/mysql" mkDefault (if versionAtLeast config.system.nixos.stateVersion "17.09" then "/var/lib/mysql"
else "/var/mysql"); else "/var/mysql");
users.extraUsers.mysql = { users.users.mysql = {
description = "MySQL server user"; description = "MySQL server user";
group = "mysql"; group = "mysql";
uid = config.ids.uids.mysql; uid = config.ids.uids.mysql;
}; };
users.extraGroups.mysql.gid = config.ids.gids.mysql; users.groups.mysql.gid = config.ids.gids.mysql;
environment.systemPackages = [mysql]; environment.systemPackages = [mysql];

2
nixos/modules/services/databases/neo4j.nix
View file

@ -139,7 +139,7 @@ in {
environment.systemPackages = [ cfg.package ]; environment.systemPackages = [ cfg.package ];
users.extraUsers = singleton { users.users = singleton {
name = "neo4j"; name = "neo4j";
uid = config.ids.uids.neo4j; uid = config.ids.uids.neo4j;
description = "Neo4j daemon user"; description = "Neo4j daemon user";

4
nixos/modules/services/databases/openldap.nix
View file

@ -145,13 +145,13 @@ in
"${configOpts}"; "${configOpts}";
}; };
users.extraUsers.openldap = users.users.openldap =
{ name = cfg.user; { name = cfg.user;
group = cfg.group; group = cfg.group;
uid = config.ids.uids.openldap; uid = config.ids.uids.openldap;
}; };
users.extraGroups.openldap = users.groups.openldap =
{ name = cfg.group; { name = cfg.group;
gid = config.ids.gids.openldap; gid = config.ids.gids.openldap;
}; };

4
nixos/modules/services/databases/opentsdb.nix
View file

@ -97,13 +97,13 @@ in {
}; };
}; };
users.extraUsers.opentsdb = { users.users.opentsdb = {
description = "OpenTSDB Server user"; description = "OpenTSDB Server user";
group = "opentsdb"; group = "opentsdb";
uid = config.ids.uids.opentsdb; uid = config.ids.uids.opentsdb;
}; };
users.extraGroups.opentsdb.gid = config.ids.gids.opentsdb; users.groups.opentsdb.gid = config.ids.gids.opentsdb;
}; };
} }

4
nixos/modules/services/databases/postgresql.nix
View file

@ -183,14 +183,14 @@ in
host all all ::1/128 md5 host all all ::1/128 md5
''; '';
users.extraUsers.postgres = users.users.postgres =
{ name = "postgres"; { name = "postgres";
uid = config.ids.uids.postgres; uid = config.ids.uids.postgres;
group = "postgres"; group = "postgres";
description = "PostgreSQL server user"; description = "PostgreSQL server user";
}; };
users.extraGroups.postgres.gid = config.ids.gids.postgres; users.groups.postgres.gid = config.ids.gids.postgres;
environment.systemPackages = [ postgresql ]; environment.systemPackages = [ postgresql ];

2
nixos/modules/services/databases/redis.nix
View file

@ -217,7 +217,7 @@ in
allowedTCPPorts = [ cfg.port ]; allowedTCPPorts = [ cfg.port ];
}; };
users.extraUsers.redis = users.users.redis =
{ name = cfg.user; { name = cfg.user;
description = "Redis database user"; description = "Redis database user";
}; };

4
nixos/modules/services/databases/rethinkdb.nix
View file

@ -96,12 +96,12 @@ in
''; '';
}; };
users.extraUsers.rethinkdb = mkIf (cfg.user == "rethinkdb") users.users.rethinkdb = mkIf (cfg.user == "rethinkdb")
{ name = "rethinkdb"; { name = "rethinkdb";
description = "RethinkDB server user"; description = "RethinkDB server user";
}; };
users.extraGroups = optionalAttrs (cfg.group == "rethinkdb") (singleton users.groups = optionalAttrs (cfg.group == "rethinkdb") (singleton
{ name = "rethinkdb"; { name = "rethinkdb";
}); });

2
nixos/modules/services/databases/riak-cs.nix
View file

@ -145,7 +145,7 @@ in
${cfg.extraAdvancedConfig} ${cfg.extraAdvancedConfig}
''; '';
users.extraUsers.riak-cs = { users.users.riak-cs = {
name = "riak-cs"; name = "riak-cs";
uid = config.ids.uids.riak-cs; uid = config.ids.uids.riak-cs;
group = "riak"; group = "riak";

4
nixos/modules/services/databases/riak.nix
View file

@ -102,14 +102,14 @@ in
${cfg.extraAdvancedConfig} ${cfg.extraAdvancedConfig}
''; '';
users.extraUsers.riak = { users.users.riak = {
name = "riak"; name = "riak";
uid = config.ids.uids.riak; uid = config.ids.uids.riak;
group = "riak"; group = "riak";
description = "Riak server user"; description = "Riak server user";
}; };
users.extraGroups.riak.gid = config.ids.gids.riak; users.groups.riak.gid = config.ids.gids.riak;
systemd.services.riak = { systemd.services.riak = {
description = "Riak Server"; description = "Riak Server";

4
nixos/modules/services/databases/stanchion.nix
View file

@ -143,14 +143,14 @@ in
${cfg.extraConfig} ${cfg.extraConfig}
''; '';
users.extraUsers.stanchion = { users.users.stanchion = {
name = "stanchion"; name = "stanchion";
uid = config.ids.uids.stanchion; uid = config.ids.uids.stanchion;
group = "stanchion"; group = "stanchion";
description = "Stanchion server user"; description = "Stanchion server user";
}; };
users.extraGroups.stanchion.gid = config.ids.gids.stanchion; users.groups.stanchion.gid = config.ids.gids.stanchion;
systemd.services.stanchion = { systemd.services.stanchion = {
description = "Stanchion Server"; description = "Stanchion Server";

2
nixos/modules/services/databases/virtuoso.nix
View file

@ -54,7 +54,7 @@ with lib;
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.extraUsers = singleton users.users = singleton
{ name = virtuosoUser; { name = virtuosoUser;
uid = config.ids.uids.virtuoso; uid = config.ids.uids.virtuoso;
description = "virtuoso user"; description = "virtuoso user";

4
nixos/modules/services/editors/infinoted.nix
View file

@ -111,12 +111,12 @@ in {
}; };
config = mkIf (cfg.enable) { config = mkIf (cfg.enable) {
users.extraUsers = optional (cfg.user == "infinoted") users.users = optional (cfg.user == "infinoted")
{ name = "infinoted"; { name = "infinoted";
description = "Infinoted user"; description = "Infinoted user";
group = cfg.group; group = cfg.group;
}; };
users.extraGroups = optional (cfg.group == "infinoted") users.groups = optional (cfg.group == "infinoted")
{ name = "infinoted"; { name = "infinoted";
}; };

2
nixos/modules/services/games/minecraft-server.nix
View file

@ -45,7 +45,7 @@ in
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.extraUsers.minecraft = { users.users.minecraft = {
description = "Minecraft Server Service user"; description = "Minecraft Server Service user";
home = cfg.dataDir; home = cfg.dataDir;
createHome = true; createHome = true;

2
nixos/modules/services/games/minetest-server.nix
View file

@ -79,7 +79,7 @@ in
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.extraUsers.minetest = { users.users.minetest = {
description = "Minetest Server Service user"; description = "Minetest Server Service user";
home = "/var/lib/minetest"; home = "/var/lib/minetest";
createHome = true; createHome = true;

4
nixos/modules/services/games/terraria.nix
View file

@ -105,14 +105,14 @@ in
}; };
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.extraUsers.terraria = { users.users.terraria = {
description = "Terraria server service user"; description = "Terraria server service user";
home = "/var/lib/terraria"; home = "/var/lib/terraria";
createHome = true; createHome = true;
uid = config.ids.uids.terraria; uid = config.ids.uids.terraria;
}; };
users.extraGroups.terraria = { users.groups.terraria = {
gid = config.ids.gids.terraria; gid = config.ids.gids.terraria;
members = [ "terraria" ]; members = [ "terraria" ];
}; };

4
nixos/modules/services/hardware/sane.nix
View file

@ -124,7 +124,7 @@ in
environment.sessionVariables = env; environment.sessionVariables = env;
services.udev.packages = backends; services.udev.packages = backends;
users.extraGroups."scanner".gid = config.ids.gids.scanner; users.groups."scanner".gid = config.ids.gids.scanner;
}) })
(mkIf config.services.saned.enable { (mkIf config.services.saned.enable {
@ -152,7 +152,7 @@ in
}; };
}; };
users.extraUsers."scanner" = { users.users."scanner" = {
uid = config.ids.uids.scanner; uid = config.ids.uids.scanner;
group = "scanner"; group = "scanner";
}; };

4
nixos/modules/services/hardware/tcsd.nix
View file

@ -137,13 +137,13 @@ in
serviceConfig.ExecStart = "${pkgs.trousers}/sbin/tcsd -f -c ${tcsdConf}"; serviceConfig.ExecStart = "${pkgs.trousers}/sbin/tcsd -f -c ${tcsdConf}";
}; };
users.extraUsers = optionalAttrs (cfg.user == "tss") (singleton users.users = optionalAttrs (cfg.user == "tss") (singleton
{ name = "tss"; { name = "tss";
group = "tss"; group = "tss";
uid = config.ids.uids.tss; uid = config.ids.uids.tss;
}); });
users.extraGroups = optionalAttrs (cfg.group == "tss") (singleton users.groups = optionalAttrs (cfg.group == "tss") (singleton
{ name = "tss"; { name = "tss";
gid = config.ids.gids.tss; gid = config.ids.gids.tss;
}); });

4
nixos/modules/services/hardware/usbmuxd.nix
View file

@ -43,13 +43,13 @@ in
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.extraUsers = optional (cfg.user == defaultUserGroup) { users.users = optional (cfg.user == defaultUserGroup) {
name = cfg.user; name = cfg.user;
description = "usbmuxd user"; description = "usbmuxd user";
group = cfg.group; group = cfg.group;
}; };
users.extraGroups = optional (cfg.group == defaultUserGroup) { users.groups = optional (cfg.group == defaultUserGroup) {
name = cfg.group; name = cfg.group;
}; };

2
nixos/modules/services/logging/graylog.nix
View file

@ -127,7 +127,7 @@ in
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.extraUsers = mkIf (cfg.user == "graylog") { users.users = mkIf (cfg.user == "graylog") {
graylog = { graylog = {
uid = config.ids.uids.graylog; uid = config.ids.uids.graylog;
description = "Graylog server daemon user"; description = "Graylog server daemon user";

2
nixos/modules/services/logging/journalwatch.nix
View file

@ -197,7 +197,7 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.extraUsers.${user} = { users.users.${user} = {
isSystemUser = true; isSystemUser = true;
createHome = true; createHome = true;
home = dataDir; home = dataDir;

2
nixos/modules/services/logging/logcheck.nix
View file

@ -213,7 +213,7 @@ in
mapAttrsToList writeIgnoreRule cfg.ignore mapAttrsToList writeIgnoreRule cfg.ignore
++ mapAttrsToList writeIgnoreCronRule cfg.ignoreCron; ++ mapAttrsToList writeIgnoreCronRule cfg.ignoreCron;
users.extraUsers = optionalAttrs (cfg.user == "logcheck") (singleton users.users = optionalAttrs (cfg.user == "logcheck") (singleton
{ name = "logcheck"; { name = "logcheck";
uid = config.ids.uids.logcheck; uid = config.ids.uids.logcheck;
shell = "/bin/sh"; shell = "/bin/sh";

4
nixos/modules/services/mail/dovecot.nix
View file

@ -309,7 +309,7 @@ in
++ optional cfg.enablePop3 "pop3" ++ optional cfg.enablePop3 "pop3"
++ optional cfg.enableLmtp "lmtp"; ++ optional cfg.enableLmtp "lmtp";
users.extraUsers = [ users.users = [
{ name = "dovenull"; { name = "dovenull";
uid = config.ids.uids.dovenull2; uid = config.ids.uids.dovenull2;
description = "Dovecot user for untrusted logins"; description = "Dovecot user for untrusted logins";
@ -328,7 +328,7 @@ in
group = cfg.mailGroup; group = cfg.mailGroup;
}); });
users.extraGroups = optional (cfg.group == "dovecot2") users.groups = optional (cfg.group == "dovecot2")
{ name = "dovecot2"; { name = "dovecot2";
gid = config.ids.gids.dovecot2; gid = config.ids.gids.dovecot2;
} }

4
nixos/modules/services/mail/dspam.nix
View file

@ -86,13 +86,13 @@ in {
config = mkIf cfg.enable (mkMerge [ config = mkIf cfg.enable (mkMerge [
{ {
users.extraUsers = optionalAttrs (cfg.user == "dspam") (singleton users.users = optionalAttrs (cfg.user == "dspam") (singleton
{ name = "dspam"; { name = "dspam";
group = cfg.group; group = cfg.group;
uid = config.ids.uids.dspam; uid = config.ids.uids.dspam;
}); });
users.extraGroups = optionalAttrs (cfg.group == "dspam") (singleton users.groups = optionalAttrs (cfg.group == "dspam") (singleton
{ name = "dspam"; { name = "dspam";
gid = config.ids.gids.dspam; gid = config.ids.gids.dspam;
}); });

4
nixos/modules/services/mail/exim.nix
View file

@ -77,14 +77,14 @@ in
systemPackages = [ exim ]; systemPackages = [ exim ];
}; };
users.extraUsers = singleton { users.users = singleton {
name = cfg.user; name = cfg.user;
description = "Exim mail transfer agent user"; description = "Exim mail transfer agent user";
uid = config.ids.uids.exim; uid = config.ids.uids.exim;
group = cfg.group; group = cfg.group;
}; };
users.extraGroups = singleton { users.groups = singleton {
name = cfg.group; name = cfg.group;
gid = config.ids.gids.exim; gid = config.ids.gids.exim;
}; };

2
nixos/modules/services/mail/mailhog.nix
View file

@ -24,7 +24,7 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.extraUsers.mailhog = { users.users.mailhog = {
name = cfg.user; name = cfg.user;
description = "MailHog service user"; description = "MailHog service user";
}; };

4
nixos/modules/services/mail/mlmmj.nix
View file

@ -94,7 +94,7 @@ in
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.extraUsers = singleton { users.users = singleton {
name = cfg.user; name = cfg.user;
description = "mlmmj user"; description = "mlmmj user";
home = stateDir; home = stateDir;
@ -104,7 +104,7 @@ in
useDefaultShell = true; useDefaultShell = true;
}; };
users.extraGroups = singleton { users.groups = singleton {
name = cfg.group; name = cfg.group;
gid = config.ids.gids.mlmmj; gid = config.ids.gids.mlmmj;
}; };

4
nixos/modules/services/mail/nullmailer.nix
View file

@ -201,13 +201,13 @@ with lib;
}; };
users = { users = {
extraUsers = singleton { users = singleton {
name = cfg.user; name = cfg.user;
description = "Nullmailer relay-only mta user"; description = "Nullmailer relay-only mta user";
group = cfg.group; group = cfg.group;
}; };
extraGroups = singleton { groups = singleton {
name = cfg.group; name = cfg.group;
}; };
}; };

4
nixos/modules/services/mail/opendkim.nix
View file

@ -88,13 +88,13 @@ in {
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.extraUsers = optionalAttrs (cfg.user == "opendkim") (singleton users.users = optionalAttrs (cfg.user == "opendkim") (singleton
{ name = "opendkim"; { name = "opendkim";
group = cfg.group; group = cfg.group;
uid = config.ids.uids.opendkim; uid = config.ids.uids.opendkim;
}); });
users.extraGroups = optionalAttrs (cfg.group == "opendkim") (singleton users.groups = optionalAttrs (cfg.group == "opendkim") (singleton
{ name = "opendkim"; { name = "opendkim";
gid = config.ids.gids.opendkim; gid = config.ids.gids.opendkim;
}); });

4
nixos/modules/services/mail/opensmtpd.nix
View file

@ -83,12 +83,12 @@ in {
###### implementation ###### implementation
config = mkIf cfg.enable { config = mkIf cfg.enable {
users.extraGroups = { users.groups = {
smtpd.gid = config.ids.gids.smtpd; smtpd.gid = config.ids.gids.smtpd;
smtpq.gid = config.ids.gids.smtpq; smtpq.gid = config.ids.gids.smtpq;
}; };
users.extraUsers = { users.users = {
smtpd = { smtpd = {
description = "OpenSMTPD process user"; description = "OpenSMTPD process user";
uid = config.ids.uids.smtpd; uid = config.ids.uids.smtpd;

4
nixos/modules/services/mail/postfix.nix
View file

@ -616,14 +616,14 @@ in
setgid = true; setgid = true;
}; };
users.extraUsers = optional (user == "postfix") users.users = optional (user == "postfix")
{ name = "postfix"; { name = "postfix";
description = "Postfix mail server user"; description = "Postfix mail server user";
uid = config.ids.uids.postfix; uid = config.ids.uids.postfix;
group = group; group = group;
}; };
users.extraGroups = users.groups =
optional (group == "postfix") optional (group == "postfix")
{ name = group; { name = group;
gid = config.ids.gids.postfix; gid = config.ids.gids.postfix;

4
nixos/modules/services/mail/postgrey.nix
View file

@ -136,14 +136,14 @@ in {
environment.systemPackages = [ pkgs.postgrey ]; environment.systemPackages = [ pkgs.postgrey ];
users = { users = {
extraUsers = { users = {
postgrey = { postgrey = {
description = "Postgrey Daemon"; description = "Postgrey Daemon";
uid = config.ids.uids.postgrey; uid = config.ids.uids.postgrey;
group = "postgrey"; group = "postgrey";
}; };
}; };
extraGroups = { groups = {
postgrey = { postgrey = {
gid = config.ids.gids.postgrey; gid = config.ids.gids.postgrey;
}; };

4
nixos/modules/services/mail/postsrsd.nix
View file

@ -90,13 +90,13 @@ in {
services.postsrsd.domain = mkDefault config.networking.hostName; services.postsrsd.domain = mkDefault config.networking.hostName;
users.extraUsers = optionalAttrs (cfg.user == "postsrsd") (singleton users.users = optionalAttrs (cfg.user == "postsrsd") (singleton
{ name = "postsrsd"; { name = "postsrsd";
group = cfg.group; group = cfg.group;
uid = config.ids.uids.postsrsd; uid = config.ids.uids.postsrsd;
}); });
users.extraGroups = optionalAttrs (cfg.group == "postsrsd") (singleton users.groups = optionalAttrs (cfg.group == "postsrsd") (singleton
{ name = "postsrsd"; { name = "postsrsd";
gid = config.ids.gids.postsrsd; gid = config.ids.gids.postsrsd;
}); });

8
nixos/modules/services/mail/rmilter.nix
View file

@ -194,14 +194,14 @@ in
(mkIf cfg.enable { (mkIf cfg.enable {
users.extraUsers = singleton { users.users = singleton {
name = cfg.user; name = cfg.user;
description = "rmilter daemon"; description = "rmilter daemon";
uid = config.ids.uids.rmilter; uid = config.ids.uids.rmilter;
group = cfg.group; group = cfg.group;
}; };
users.extraGroups = singleton { users.groups = singleton {
name = cfg.group; name = cfg.group;
gid = config.ids.gids.rmilter; gid = config.ids.gids.rmilter;
}; };
@ -238,12 +238,12 @@ in
}) })
(mkIf (cfg.enable && cfg.rspamd.enable && rspamdCfg.enable) { (mkIf (cfg.enable && cfg.rspamd.enable && rspamdCfg.enable) {
users.extraUsers.${cfg.user}.extraGroups = [ rspamdCfg.group ]; users.users.${cfg.user}.extraGroups = [ rspamdCfg.group ];
}) })
(mkIf (cfg.enable && cfg.postfix.enable) { (mkIf (cfg.enable && cfg.postfix.enable) {
services.postfix.extraConfig = cfg.postfix.configFragment; services.postfix.extraConfig = cfg.postfix.configFragment;
users.extraUsers.${postfixCfg.user}.extraGroups = [ cfg.group ]; users.users.${postfixCfg.user}.extraGroups = [ cfg.group ];
}) })
]; ];
} }

4
nixos/modules/services/mail/rspamd.nix
View file

@ -282,14 +282,14 @@ in
# Allow users to run 'rspamc' and 'rspamadm'. # Allow users to run 'rspamc' and 'rspamadm'.
environment.systemPackages = [ pkgs.rspamd ]; environment.systemPackages = [ pkgs.rspamd ];
users.extraUsers = singleton { users.users = singleton {
name = cfg.user; name = cfg.user;
description = "rspamd daemon"; description = "rspamd daemon";
uid = config.ids.uids.rspamd; uid = config.ids.uids.rspamd;
group = cfg.group; group = cfg.group;
}; };
users.extraGroups = singleton { users.groups = singleton {
name = cfg.group; name = cfg.group;
gid = config.ids.gids.rspamd; gid = config.ids.gids.rspamd;
}; };

4
nixos/modules/services/mail/spamassassin.nix
View file

@ -128,14 +128,14 @@ in
systemPackages = [ pkgs.spamassassin ]; systemPackages = [ pkgs.spamassassin ];
}; };
users.extraUsers = singleton { users.users = singleton {
name = "spamd"; name = "spamd";
description = "Spam Assassin Daemon"; description = "Spam Assassin Daemon";
uid = config.ids.uids.spamd; uid = config.ids.uids.spamd;
group = "spamd"; group = "spamd";
}; };
users.extraGroups = singleton { users.groups = singleton {
name = "spamd"; name = "spamd";
gid = config.ids.gids.spamd; gid = config.ids.gids.spamd;
}; };

2
nixos/modules/services/misc/airsonic.nix
View file

@ -107,7 +107,7 @@ in {
}; };
}; };
users.extraUsers.airsonic = { users.users.airsonic = {
description = "Airsonic service user"; description = "Airsonic service user";
name = cfg.user; name = cfg.user;
home = cfg.home; home = cfg.home;

2
nixos/modules/services/misc/apache-kafka.nix
View file

@ -124,7 +124,7 @@ in {
environment.systemPackages = [cfg.package]; environment.systemPackages = [cfg.package];
users.extraUsers = singleton { users.users = singleton {
name = "apache-kafka"; name = "apache-kafka";
uid = config.ids.uids.apache-kafka; uid = config.ids.uids.apache-kafka;
description = "Apache Kafka daemon user"; description = "Apache Kafka daemon user";

4
nixos/modules/services/misc/bepasty.nix
View file

@ -168,14 +168,14 @@ in
}) })
) cfg.servers; ) cfg.servers;
users.extraUsers = [{ users.users = [{
uid = config.ids.uids.bepasty; uid = config.ids.uids.bepasty;
name = user; name = user;
group = group; group = group;
home = default_home; home = default_home;
}]; }];
users.extraGroups = [{ users.groups = [{
name = group; name = group;
gid = config.ids.gids.bepasty; gid = config.ids.gids.bepasty;
}]; }];

4
nixos/modules/services/misc/calibre-server.nix
View file

@ -49,12 +49,12 @@ in
environment.systemPackages = [ pkgs.calibre ]; environment.systemPackages = [ pkgs.calibre ];
users.extraUsers.calibre-server = { users.users.calibre-server = {
uid = config.ids.uids.calibre-server; uid = config.ids.uids.calibre-server;
group = "calibre-server"; group = "calibre-server";
}; };
users.extraGroups.calibre-server = { users.groups.calibre-server = {
gid = config.ids.gids.calibre-server; gid = config.ids.gids.calibre-server;
}; };

4
nixos/modules/services/misc/cfdyndns.nix
View file

@ -54,14 +54,14 @@ in
}; };
}; };
users.extraUsers = { users.users = {
cfdyndns = { cfdyndns = {
group = "cfdyndns"; group = "cfdyndns";
uid = config.ids.uids.cfdyndns; uid = config.ids.uids.cfdyndns;
}; };
}; };
users.extraGroups = { users.groups = {
cfdyndns = { cfdyndns = {
gid = config.ids.gids.cfdyndns; gid = config.ids.gids.cfdyndns;
}; };

2
nixos/modules/services/misc/cgminer.nix
View file

@ -110,7 +110,7 @@ in
config = mkIf config.services.cgminer.enable { config = mkIf config.services.cgminer.enable {
users.extraUsers = optionalAttrs (cfg.user == "cgminer") (singleton users.users = optionalAttrs (cfg.user == "cgminer") (singleton
{ name = "cgminer"; { name = "cgminer";
uid = config.ids.uids.cgminer; uid = config.ids.uids.cgminer;
description = "Cgminer user"; description = "Cgminer user";

4
nixos/modules/services/misc/couchpotato.nix
View file

@ -34,7 +34,7 @@ in
}; };
}; };
users.extraUsers = singleton users.users = singleton
{ name = "couchpotato"; { name = "couchpotato";
group = "couchpotato"; group = "couchpotato";
home = "/var/lib/couchpotato/"; home = "/var/lib/couchpotato/";
@ -42,7 +42,7 @@ in
uid = config.ids.uids.couchpotato; uid = config.ids.uids.couchpotato;
}; };
users.extraGroups = singleton users.groups = singleton
{ name = "couchpotato"; { name = "couchpotato";
gid = config.ids.gids.couchpotato; gid = config.ids.gids.couchpotato;
}; };

4
nixos/modules/services/misc/dictd.nix
View file

@ -45,7 +45,7 @@ in
# get the command line client on system path to make some use of the service # get the command line client on system path to make some use of the service
environment.systemPackages = [ pkgs.dict ]; environment.systemPackages = [ pkgs.dict ];
users.extraUsers = singleton users.users = singleton
{ name = "dictd"; { name = "dictd";
group = "dictd"; group = "dictd";
description = "DICT.org dictd server"; description = "DICT.org dictd server";
@ -53,7 +53,7 @@ in
uid = config.ids.uids.dictd; uid = config.ids.uids.dictd;
}; };
users.extraGroups = singleton users.groups = singleton
{ name = "dictd"; { name = "dictd";
gid = config.ids.gids.dictd; gid = config.ids.gids.dictd;
}; };

2
nixos/modules/services/misc/disnix.nix
View file

@ -71,7 +71,7 @@ in
++ optional cfg.useWebServiceInterface "${pkgs.dbus_java}/share/java/dbus.jar"; ++ optional cfg.useWebServiceInterface "${pkgs.dbus_java}/share/java/dbus.jar";
services.tomcat.webapps = optional cfg.useWebServiceInterface pkgs.DisnixWebService; services.tomcat.webapps = optional cfg.useWebServiceInterface pkgs.DisnixWebService;
users.extraGroups = singleton users.groups = singleton
{ name = "disnix"; { name = "disnix";
gid = config.ids.gids.disnix; gid = config.ids.gids.disnix;
}; };

2
nixos/modules/services/misc/docker-registry.nix
View file

@ -140,7 +140,7 @@ in {
startAt = optional cfg.enableGarbageCollect cfg.garbageCollectDates; startAt = optional cfg.enableGarbageCollect cfg.garbageCollectDates;
}; };
users.extraUsers.docker-registry = { users.users.docker-registry = {
createHome = true; createHome = true;
home = cfg.storagePath; home = cfg.storagePath;
}; };

Some files were not shown because too many files have changed in this diff Show more