From 70e5230611c31e031743d5a30381729c2258c67c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Motiejus=20Jak=C5=A1tys?=
Date: Sat, 23 Sep 2023 22:46:14 +0300
Subject: [PATCH] system users: use /bin/sh

Just learned about "bash security issue" when reading about rrsync.
---
 modules/services/borgstor/default.nix | 2 +-
 modules/services/deployerbot/default.nix | 4 ++--
 modules/services/gitea/default.nix | 2 +-
 modules/services/jakstpub/default.nix | 2 +-
 4 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/modules/services/borgstor/default.nix b/modules/services/borgstor/default.nix
index 7e5e702..3e2a2c2 100644
--- a/modules/services/borgstor/default.nix
+++ b/modules/services/borgstor/default.nix
@@ -16,7 +16,7 @@
 users.users.borgstor = {
 description = "Borg Storage";
 home = dataDir;
- useDefaultShell = true;
+ shell = "/bin/sh";
 group = "borgstor";
 isSystemUser = true;
 createHome = false;
diff --git a/modules/services/deployerbot/default.nix b/modules/services/deployerbot/default.nix
index c411d19..0c3e5d9 100644
--- a/modules/services/deployerbot/default.nix
+++ b/modules/services/deployerbot/default.nix
@@ -53,7 +53,7 @@ in {
 users.users.deployerbot-main = {
 description = "Deployerbot Main";
 home = "/var/lib/deployerbot-main";
- useDefaultShell = true;
+ shell = "/bin/sh";
 group = "deployerbot-main";
 isSystemUser = true;
 createHome = true;
@@ -122,7 +122,7 @@ in {
 deployerbot-follower = {
 description = "Deployerbot Follower";
 home = "/var/lib/deployerbot-follower";
- useDefaultShell = true;
+ shell = "/bin/sh";
 group = "deployerbot-follower";
 extraGroups = ["wheel"];
 isSystemUser = true;
diff --git a/modules/services/gitea/default.nix b/modules/services/gitea/default.nix
index e78a3c5..a7766e7 100644
--- a/modules/services/gitea/default.nix
+++ b/modules/services/gitea/default.nix
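Review bot: In modules/services/borgstor/default.nix, `shell = "/bin/sh";` may not take the account off bash at all: on NixOS `/bin/sh` is set by `environment.binsh`, which by default is bash started under the name `sh`. The rrsync documentation the commit message refers to cautions against choosing a shell that is bash under another name, so if the intent is a genuinely different shell it should be named explicitly, for example `shell = "${pkgs.dash}/bin/dash";` (this assumes `pkgs` is in scope; the module header is outside the hunk). The same line is added in the deployerbot-main, deployerbot-follower, gitea and jakstpub hunks. Whichever shell is kept, a comment such as `# not useDefaultShell: keep bash from sourcing user rc files ahead of an SSH forced command` would record why the default was dropped.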
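Review bot: In the `deployerbot-follower` hunk of modules/services/deployerbot/default.nix, the account being given a login shell also carries `extraGroups = ["wheel"];`, so this is the entry where shell start-up behaviour matters most. Whether `/var/lib/deployerbot-follower` is writable by the account is not visible here (the attribute set continues past the hunk); if it is, an interactive login would still read `~/.profile` from it. A comment on the new line, e.g. `# login shell needed for SSH-driven deploys; keep profile files in home out of the account's reach`, would document the constraint, with the stated purpose to be confirmed by the author.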
@@ -13,7 +13,7 @@
 users.git = {
 description = "Gitea Service";
 home = "/var/lib/gitea";
- useDefaultShell = true;
+ shell = "/bin/sh";
 group = "gitea";
 isSystemUser = true;
 uid = myData.uidgid.gitea;
diff --git a/modules/services/jakstpub/default.nix b/modules/services/jakstpub/default.nix
index 32ae2e8..b480d3b 100644
--- a/modules/services/jakstpub/default.nix
+++ b/modules/services/jakstpub/default.nix
@@ -77,7 +77,7 @@ in {
 users.users.jakstpub = {
 description = "Jakstys Public";
 home = "/var/empty";
- useDefaultShell = true;
+ shell = "/bin/sh";
 group = "jakstpub";
 isSystemUser = true;
 createHome = false;
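Review bot: In modules/services/jakstpub/default.nix the account has `home = "/var/empty";` and `createHome = false;`, which suggests nothing logs in as it; if that holds, it does not need a working shell at all. Removing the `shell` line would leave the NixOS default for `users.users.<name>.shell`, which is a nologin shell and is tighter than `/bin/sh`. If some service does have to run commands as `jakstpub` through a shell, a comment saying so, e.g. `# shell required by <service>`, would make the choice reviewable. The attribute set continues past the end of the hunk.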