diff options
Diffstat (limited to 'krebs/3modules/konsens.nix')
| -rw-r--r-- | krebs/3modules/konsens.nix | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/krebs/3modules/konsens.nix b/krebs/3modules/konsens.nix index 81486810..0463de53 100644 --- a/krebs/3modules/konsens.nix +++ b/krebs/3modules/konsens.nix @@ -1,6 +1,5 @@ { config, lib, pkgs, ... }: - -with import <stockholm/lib>; +with import ../../lib/pure.nix { inherit lib; }; let cfg = config.krebs.konsens; @@ -39,10 +38,13 @@ let }; imp = { + users.groups.konsens.gid = genid "konsens"; users.users.konsens = rec { name = "konsens"; + group = "konsens"; uid = genid name; home = "/var/lib/konsens"; + isSystemUser = true; createHome = true; }; @@ -57,12 +59,17 @@ let systemd.services = mapAttrs' (name: repo: nameValuePair "konsens-${name}" { after = [ "network.target" ]; - path = [ pkgs.git ]; + path = [ + pkgs.git + pkgs.openssh + ]; restartIfChanged = false; serviceConfig = { Type = "simple"; PermissionsStartOnly = true; - ExecStart = pkgs.writeDash "konsens-${name}" '' + ExecStart = pkgs.writers.writeDash "konsens-${name}" '' + set -efu + git config --global --replace-all safe.directory * if ! test -e ${name}; then git clone ${repo.url} ${name} fi |