From 71fd71cb6b57bfc16a7b0c2a321bb37fe5e76a6f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Motiejus=20Jak=C5=A1tys?= Date: Mon, 24 Jul 2023 16:31:38 +0300 Subject: [PATCH] vno1-oh2: add updaterbot --- data.nix | 7 +++++++ hosts/hel1-a/configuration.nix | 22 +++++++++++++--------- hosts/vno1-oh2/configuration.nix | 18 ++++++++++++++++++ modules/base/users/default.nix | 2 +- 4 files changed, 39 insertions(+), 10 deletions(-) diff --git a/data.nix b/data.nix index 14fd6c9..7b5b079 100644 --- a/data.nix +++ b/data.nix @@ -1,4 +1,11 @@ rec { + uidgid = { + motiejus = 1000; + + gitea = 995; + updaterbot = 501; + }; + people_pubkeys = { motiejus = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC+qpaaD+FCYPcUU1ONbw/ff5j0xXu5DNvp/4qZH/vOYwG13uDdfI5ISYPs8zNaVcFuEDgNxWorVPwDw4p6+1JwRLlhO4J/5tE1w8Gt6C7y76LRWnp0rCdva5vL3xMozxYIWVOAiN131eyirV2FdOaqTwPy4ouNMmBFbibLQwBna89tbFMG/jwR7Cxt1I6UiYOuCXIocI5YUbXlsXoK9gr5yBRoTjl2OfH2itGYHz9xQCswvatmqrnteubAbkb6IUFYz184rnlVntuZLwzM99ezcG4v8/485gWkotTkOgQIrGNKgOA7UNKpQNbrwdPAMugqfSTo6g8fEvy0Q+6OXdxw5X7en2TJE+BLVaXp4pVMdOAzKF0nnssn64sRhsrUtFIjNGmOWBOR2gGokaJcM6x9R72qxucuG5054pSibs32BkPEg6Qzp+Bh77C3vUmC94YLVg6pazHhLroYSP1xQjfOvXyLxXB1s9rwJcO+s4kqmInft2weyhfaFE0Bjcoc+1/dKuQYfPCPSB//4zvktxTXud80zwWzMy91Q4ucRrHTBz3PrhO8ys74aSGnKOiG3ccD3HbaT0Ff4qmtIwHcAjrnNlINAcH/A2mpi0/2xA7T8WpFnvgtkQbcMF0kEKGnNS5ULZXP/LC8BlLXxwPdqTzvKikkTb661j4PhJhinhVwnQ=="; }; diff --git a/hosts/hel1-a/configuration.nix b/hosts/hel1-a/configuration.nix index 66434eb..2b53633 100644 --- a/hosts/hel1-a/configuration.nix +++ b/hosts/hel1-a/configuration.nix @@ -7,7 +7,6 @@ ... }: let turn_cert_dir = "/var/lib/caddy/.local/share/caddy/certificates/acme-v02.api.letsencrypt.org-directory/turn.jakstys.lt"; - gitea_uidgid = 995; in { imports = [ ./hardware-configuration.nix @@ -82,16 +81,21 @@ in { }; users = { - users.git = { - description = "Gitea Service"; - home = "/var/lib/gitea"; - useDefaultShell = true; - group = "gitea"; - isSystemUser = true; - uid = gitea_uidgid; + users = { + git = { + description = "Gitea Service"; + home = "/var/lib/gitea"; + useDefaultShell = true; + group = "gitea"; + isSystemUser = true; + uid = myData.uidgid.gitea; + }; + }; - groups.gitea.gid = gitea_uidgid; + groups = { + gitea.gid = myData.uidgid.gitea; + }; }; environment.systemPackages = with pkgs; [ diff --git a/hosts/vno1-oh2/configuration.nix b/hosts/vno1-oh2/configuration.nix index 254de0f..c425466 100644 --- a/hosts/vno1-oh2/configuration.nix +++ b/hosts/vno1-oh2/configuration.nix @@ -47,6 +47,24 @@ }; }; + users = { + users = { + updaterbot = { + description = "Dear Updater Bot"; + home = "/var/lib/updaterbot"; + useDefaultShell = true; + group = "updaterbot"; + isSystemUser = true; + createHome = true; + uid = myData.uidgid.updaterbot; + }; + }; + + groups = { + updaterbot.gid = myData.uidgid.updaterbot; + }; + }; + services = { tailscale.enable = true; diff --git a/modules/base/users/default.nix b/modules/base/users/default.nix index 623189b..3102ff6 100644 --- a/modules/base/users/default.nix +++ b/modules/base/users/default.nix @@ -32,7 +32,7 @@ { isNormalUser = true; extraGroups = ["wheel"]; - uid = 1000; + uid = myData.uidgid.motiejus; openssh.authorizedKeys.keys = [myData.people_pubkeys.motiejus]; } // lib.filterAttrs (n: v: v != null) passwd.motiejus or {};