summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--krebs/2configs/shack/muell_mail.nix1
-rw-r--r--krebs/2configs/shack/muellshack.nix1
-rw-r--r--krebs/2configs/shack/node-light.nix1
-rw-r--r--krebs/2configs/shack/powerraw.nix5
-rw-r--r--krebs/2configs/shack/s3-power.nix1
-rw-r--r--krebs/2configs/shack/shackDNS.nix1
-rw-r--r--krebs/2configs/shack/share.nix2
-rw-r--r--krebs/3modules/airdcpp.nix1
-rw-r--r--krebs/3modules/urlwatch.nix1
-rw-r--r--makefu/1systems/gum/config.nix3
-rw-r--r--makefu/1systems/omo/config.nix5
-rw-r--r--makefu/1systems/x/x13/default.nix2
-rw-r--r--makefu/1systems/x/x13/zfs.nix1
-rw-r--r--makefu/2configs/bgt/download.binaergewitter.de.nix1
-rw-r--r--makefu/2configs/bgt/hidden_service.nix4
-rw-r--r--makefu/2configs/bureautomation/default.nix2
-rw-r--r--makefu/2configs/dcpp/hub.nix3
-rw-r--r--makefu/2configs/default.nix1
-rw-r--r--makefu/2configs/deployment/owncloud.nix2
-rw-r--r--makefu/2configs/deployment/rss.euer.krebsco.de.nix5
-rw-r--r--makefu/2configs/filepimp-share.nix2
-rw-r--r--makefu/2configs/home/ham/automation/fenster_auf.nix4
-rw-r--r--makefu/2configs/home/ham/automation/pflanzen_giessen_erinnerung.nix28
-rw-r--r--makefu/2configs/home/ham/default.nix3
-rw-r--r--makefu/2configs/home/metube.nix5
-rw-r--r--makefu/2configs/home/zigbee2mqtt/default.nix2
-rw-r--r--makefu/2configs/lanparty/samba.nix2
-rw-r--r--makefu/2configs/nsupdate-data.nix1
-rw-r--r--makefu/2configs/remote-build/slave.nix15
-rw-r--r--makefu/2configs/share-user-sftp.nix1
-rw-r--r--makefu/2configs/share/gum.nix5
-rw-r--r--makefu/2configs/share/temp-share-samba.nix2
-rw-r--r--makefu/2configs/share/wbob.nix2
-rw-r--r--makefu/2configs/stats/arafetch.nix1
-rw-r--r--makefu/2configs/temp/share-samba.nix2
-rw-r--r--makefu/2configs/tools/extra-gui.nix3
-rw-r--r--makefu/2configs/tools/media.nix2
-rw-r--r--makefu/2configs/tools/sec.nix2
-rw-r--r--makefu/3modules/ps3netsrv.nix1
-rw-r--r--makefu/5pkgs/awesomecfg/full.cfg2
-rw-r--r--makefu/5pkgs/chitubox/default.nix3
-rw-r--r--makefu/5pkgs/droidcam/default.nix55
-rw-r--r--makefu/5pkgs/hdl-dump/default.nix33
-rw-r--r--makefu/5pkgs/shiori/default.nix4
-rw-r--r--makefu/5pkgs/tt-rss/default.nix25
-rw-r--r--makefu/krops.nix2
46 files changed, 91 insertions, 159 deletions
diff --git a/krebs/2configs/shack/muell_mail.nix b/krebs/2configs/shack/muell_mail.nix
index 481564719..951450200 100644
--- a/krebs/2configs/shack/muell_mail.nix
+++ b/krebs/2configs/shack/muell_mail.nix
@@ -12,6 +12,7 @@ let
in {
users.users.muell_mail = {
inherit home;
+ isSystemUser = true;
createHome = true;
};
systemd.services.muell_mail = {
diff --git a/krebs/2configs/shack/muellshack.nix b/krebs/2configs/shack/muellshack.nix
index e894b9394..b032b4299 100644
--- a/krebs/2configs/shack/muellshack.nix
+++ b/krebs/2configs/shack/muellshack.nix
@@ -13,6 +13,7 @@ let
in {
users.users.muellshack = {
inherit home;
+ isSystemUser = true;
createHome = true;
};
services.nginx.virtualHosts."muell.shack" = {
diff --git a/krebs/2configs/shack/node-light.nix b/krebs/2configs/shack/node-light.nix
index 4a981ea87..2e69d5aaa 100644
--- a/krebs/2configs/shack/node-light.nix
+++ b/krebs/2configs/shack/node-light.nix
@@ -14,6 +14,7 @@ in {
networking.firewall.allowedUDPPorts = [ 2342 ];
users.users.node-light = {
inherit home;
+ isSystemUser = true;
createHome = true;
};
services.nginx.virtualHosts."lounge.light.shack" = {
diff --git a/krebs/2configs/shack/powerraw.nix b/krebs/2configs/shack/powerraw.nix
index cc3692e85..43c743587 100644
--- a/krebs/2configs/shack/powerraw.nix
+++ b/krebs/2configs/shack/powerraw.nix
@@ -14,7 +14,10 @@ let
in {
# receive response from light.shack / standby.shack
networking.firewall.allowedUDPPorts = [ 11111 ];
- users.users.powermeter.extraGroups = [ "dialout" ];
+ users.users.powermeter = {
+ extraGroups = [ "dialout" ];
+ isSystemUser = true;
+ };
# we make sure that usb-ttl has the correct permissions
# creates /dev/powerraw
diff --git a/krebs/2configs/shack/s3-power.nix b/krebs/2configs/shack/s3-power.nix
index f3ea67f79..0ce8a8786 100644
--- a/krebs/2configs/shack/s3-power.nix
+++ b/krebs/2configs/shack/s3-power.nix
@@ -14,6 +14,7 @@ in {
users.users.s3_power = {
inherit home;
createHome = true;
+ isSystemUser = true;
};
systemd.services.s3-power = {
startAt = "daily";
diff --git a/krebs/2configs/shack/shackDNS.nix b/krebs/2configs/shack/shackDNS.nix
index 807bb7e65..c9cdfd24b 100644
--- a/krebs/2configs/shack/shackDNS.nix
+++ b/krebs/2configs/shack/shackDNS.nix
@@ -30,6 +30,7 @@ in {
users.users.shackDNS = {
inherit home;
createHome = true;
+ isSystemUser = true;
};
services.nginx.virtualHosts."leases.shack" = {
locations."/" = {
diff --git a/krebs/2configs/shack/share.nix b/krebs/2configs/shack/share.nix
index d8d65d309..3eb30964e 100644
--- a/krebs/2configs/shack/share.nix
+++ b/krebs/2configs/shack/share.nix
@@ -1,7 +1,7 @@
{config, ... }:{
users.users.smbguest = {
name = "smbguest";
- uid = config.ids.uids.smbguest;
+ uid = config.ids.uids.smbguest; #effectively systemUser
group = "share";
description = "smb guest user";
home = "/home/share";
diff --git a/krebs/3modules/airdcpp.nix b/krebs/3modules/airdcpp.nix
index 56fb31795..0ac9d3350 100644
--- a/krebs/3modules/airdcpp.nix
+++ b/krebs/3modules/airdcpp.nix
@@ -268,6 +268,7 @@ let
uid = genid "airdcpp";
home = cfg.stateDir;
createHome = true;
+ isSystemUser = true;
inherit (cfg) extraGroups;
};
groups.airdcpp.gid = genid "airdcpp";
diff --git a/krebs/3modules/urlwatch.nix b/krebs/3modules/urlwatch.nix
index 0b7a71db5..6a159a5b2 100644
--- a/krebs/3modules/urlwatch.nix
+++ b/krebs/3modules/urlwatch.nix
@@ -193,6 +193,7 @@ let
inherit (user) uid;
home = cfg.dataDir;
createHome = true;
+ isSystemUser = true;
};
};
diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix
index 763d36841..1cfa8e4a4 100644
--- a/makefu/1systems/gum/config.nix
+++ b/makefu/1systems/gum/config.nix
@@ -126,6 +126,9 @@ in {
<stockholm/makefu/2configs/wireguard/server.nix>
<stockholm/makefu/2configs/wireguard/wiregrill.nix>
+ { # recent changes mediawiki bot
+ networking.firewall.allowedUDPPorts = [ 5005 5006 ];
+ }
# Removed until move: no extra mails
# <stockholm/makefu/2configs/urlwatch>
# Removed until move: avoid letsencrypt ban
diff --git a/makefu/1systems/omo/config.nix b/makefu/1systems/omo/config.nix
index 13918a9b1..6afe792ec 100644
--- a/makefu/1systems/omo/config.nix
+++ b/makefu/1systems/omo/config.nix
@@ -43,7 +43,6 @@ in {
<stockholm/makefu/2configs/tools/dev.nix>
<stockholm/makefu/2configs/tools/desktop.nix>
<stockholm/makefu/2configs/tools/mobility.nix>
- { environment.systemPackages = [ pkgs.esniper ]; }
#<stockholm/makefu/2configs/graphite-standalone.nix>
#<stockholm/makefu/2configs/share-user-sftp.nix>
@@ -97,7 +96,7 @@ in {
<stockholm/makefu/2configs/home/airsonic.nix>
<stockholm/makefu/2configs/home/photoprism.nix>
- <stockholm/makefu/2configs/home/metube.nix>
+ # <stockholm/makefu/2configs/home/metube.nix>
<stockholm/makefu/2configs/home/ham>
<stockholm/makefu/2configs/home/zigbee2mqtt>
{
@@ -141,6 +140,7 @@ in {
];
makefu.full-populate = true;
nixpkgs.config.allowUnfree = true;
+ users.users.share.isNormalUser = true;
users.groups.share = {
gid = (import <stockholm/lib>).genid "share";
members = [ "makefu" "misa" ];
@@ -152,6 +152,7 @@ in {
users.users.misa = {
uid = 9002;
name = "misa";
+ isNormalUser = true;
};
zramSwap.enable = true;
diff --git a/makefu/1systems/x/x13/default.nix b/makefu/1systems/x/x13/default.nix
index f0d663ee9..ea557bbef 100644
--- a/makefu/1systems/x/x13/default.nix
+++ b/makefu/1systems/x/x13/default.nix
@@ -8,7 +8,7 @@
<nixos-hardware/lenovo/thinkpad/l14/amd> # close enough
# <stockholm/makefu/2configs/hw/tpm.nix>
<stockholm/makefu/2configs/hw/ssd.nix>
- <stockholm/makefu/2configs/hw/xmm7360.nix>
+ # <stockholm/makefu/2configs/hw/xmm7360.nix>
];
boot.zfs.requestEncryptionCredentials = true;
networking.hostId = "f8b8e0a2";
diff --git a/makefu/1systems/x/x13/zfs.nix b/makefu/1systems/x/x13/zfs.nix
index adfebbf96..d6b99df41 100644
--- a/makefu/1systems/x/x13/zfs.nix
+++ b/makefu/1systems/x/x13/zfs.nix
@@ -13,6 +13,7 @@
boot.kernelModules = [ "kvm-amd" ];
boot.extraModulePackages = [ ];
+ boot.zfs.enableUnstable = true; # required for 21.05
fileSystems."/" =
{ device = "zroot/root/nixos";
fsType = "zfs";
diff --git a/makefu/2configs/bgt/download.binaergewitter.de.nix b/makefu/2configs/bgt/download.binaergewitter.de.nix
index 4abc7d345..6ce0606a8 100644
--- a/makefu/2configs/bgt/download.binaergewitter.de.nix
+++ b/makefu/2configs/bgt/download.binaergewitter.de.nix
@@ -22,6 +22,7 @@ in {
uid = genid "auphonic";
group = "nginx";
useDefaultShell = true;
+ isSystemUser = true;
openssh.authorizedKeys.keys = [ ident config.krebs.users.makefu.pubkey ];
};
diff --git a/makefu/2configs/bgt/hidden_service.nix b/makefu/2configs/bgt/hidden_service.nix
index c1a31b8dc..56d319e39 100644
--- a/makefu/2configs/bgt/hidden_service.nix
+++ b/makefu/2configs/bgt/hidden_service.nix
@@ -41,8 +41,8 @@ in
services.tor = {
enable = true;
hiddenServices."${name}".map = [
- { port = "80"; }
- # { port = "443"; toHost = "blog.binaergewitter.de"; }
+ { port = 80; }
+ # { port = 443; toHost = "blog.binaergewitter.de"; }
];
};
}
diff --git a/makefu/2configs/bureautomation/default.nix b/makefu/2configs/bureautomation/default.nix
index 669754caf..46bf05963 100644
--- a/makefu/2configs/bureautomation/default.nix
+++ b/makefu/2configs/bureautomation/default.nix
@@ -6,7 +6,7 @@ in {
imports = [
./ota.nix
./comic-updater.nix
- ./puppy-proxy.nix
+ # ./puppy-proxy.nix
./zigbee2mqtt
diff --git a/makefu/2configs/dcpp/hub.nix b/makefu/2configs/dcpp/hub.nix
index fbbce1f09..d9a2869cc 100644
--- a/makefu/2configs/dcpp/hub.nix
+++ b/makefu/2configs/dcpp/hub.nix
@@ -33,10 +33,11 @@ let
uhubDir = "/var/lib/uhub";
in {
- users.extraUsers."${ddclientUser}" = {
+ users.users."${ddclientUser}" = {
uid = genid "ddclient";
description = "ddclient daemon user";
home = stateDir;
+ isSystemUser = true;
createHome = true;
};
diff --git a/makefu/2configs/default.nix b/makefu/2configs/default.nix
index be64e402e..52206c380 100644
--- a/makefu/2configs/default.nix
+++ b/makefu/2configs/default.nix
@@ -23,6 +23,7 @@ with import <stockholm/lib>;
group = "users";
home = "/home/makefu";
createHome = true;
+ isNormalUser = true;
useDefaultShell = true;
extraGroups = [ "wheel" ];
openssh.authorizedKeys.keys = [ config.krebs.users.makefu.pubkey ];
diff --git a/makefu/2configs/deployment/owncloud.nix b/makefu/2configs/deployment/owncloud.nix
index 86bd4b524..0593cf7fc 100644
--- a/makefu/2configs/deployment/owncloud.nix
+++ b/makefu/2configs/deployment/owncloud.nix
@@ -75,7 +75,7 @@ in {
};
};
services.redis.enable = true;
- systemd.services.redis.serviceConfig.LimitNOFILE=65536;
+ systemd.services.redis.serviceConfig.LimitNOFILE=mkForce "65536";
services.postgresql = {
enable = true;
# Ensure the database, user, and permissions always exist
diff --git a/makefu/2configs/deployment/rss.euer.krebsco.de.nix b/makefu/2configs/deployment/rss.euer.krebsco.de.nix
index a7ada9395..098ffcdd5 100644
--- a/makefu/2configs/deployment/rss.euer.krebsco.de.nix
+++ b/makefu/2configs/deployment/rss.euer.krebsco.de.nix
@@ -7,6 +7,11 @@ in {
virtualHost = fqdn;
selfUrlPath = "https://${fqdn}";
};
+
+ nixpkgs.config.permittedInsecurePackages = [
+ "python2.7-Pillow-6.2.2"
+ ];
+
systemd.services.tt-rss.serviceConfig.ExecStart = lib.mkForce "${pkgs.php}/bin/php /var/lib/tt-rss/update_daemon2.php";
services.postgresql.package = pkgs.postgresql_9_6;
state = [ config.services.postgresqlBackup.location ];
diff --git a/makefu/2configs/filepimp-share.nix b/makefu/2configs/filepimp-share.nix
index 70c0320a1..abbdcbbb2 100644
--- a/makefu/2configs/filepimp-share.nix
+++ b/makefu/2configs/filepimp-share.nix
@@ -6,7 +6,7 @@ let
in {
users.users.smbguest = {
name = "smbguest";
- uid = config.ids.uids.smbguest;
+ uid = config.ids.uids.smbguest; # effectively systemUser
description = "smb guest user";
home = "/var/empty";
};
diff --git a/makefu/2configs/home/ham/automation/fenster_auf.nix b/makefu/2configs/home/ham/automation/fenster_auf.nix
index 0c57fc760..b24f6445d 100644
--- a/makefu/2configs/home/ham/automation/fenster_auf.nix
+++ b/makefu/2configs/home/ham/automation/fenster_auf.nix
@@ -19,8 +19,8 @@ let
[
{
service = "notify.signal_home";
- data = {
- message= "${name} seit ${toString min} Minuten offen\nBitte einmal checken ob das ok ist :)";
+ data_template = {
+ message = "${name} seit ${toString min} Minuten offen und draussen ist es gerade {{states.sensor.dark_sky_temperature.state}}°C bei {{states.sensor.dark_sky_humidity.state}}% Luftfeuchte";
};
}
{
diff --git a/makefu/2configs/home/ham/automation/pflanzen_giessen_erinnerung.nix b/makefu/2configs/home/ham/automation/pflanzen_giessen_erinnerung.nix
index 3aaa57bd6..32a373edc 100644
--- a/makefu/2configs/home/ham/automation/pflanzen_giessen_erinnerung.nix
+++ b/makefu/2configs/home/ham/automation/pflanzen_giessen_erinnerung.nix
@@ -5,22 +5,22 @@ let
};
notify_home = message: {
service = "notify.signal_home";
- data.message = message;
+ data_template.message = message;
};
in
{
services.home-assistant.config.automation =
[
- {
- alias = "Pflanzen Giessen Erinnerung Daily";
- trigger = {
- platform = "time";
- at = "12:15:00";
- };
- action = [
- (notify_felix "Es ist Mittagszeit und du kannst ruhig einmal alle Blumen im Zimmer giessen")
- ];
- }
+ #{
+ # alias = "Pflanzen Giessen Erinnerung Daily";
+ # trigger = {
+ # platform = "time";
+ # at = "12:15:00";
+ # };
+ # action = [
+ # (notify_felix "Es ist Mittagszeit und du kannst ruhig einmal alle Blumen im Zimmer giessen")
+ # ];
+ #}
{
alias = "Pflanzen Giessen Erinnerung Weekly";
trigger = {
@@ -32,7 +32,11 @@ in
weekday = [ "sat" ];
};
action = [
- (notify_home "Es ist Wochenende und die Pflanzen würden sich über ein bisschen Wasser freuen.")
+ (notify_home
+ ''Es ist Wochenende und die Pflanzen würden sich über ein bisschen Wasser freuen.
+ Die Wettervorhersage: {{states.sensor.dark_sky_summary.state}} mit einer Regenwahrscheinlichkeit von {{states.sensor.dark_sky_precip_probability.state}}%.
+ Aktuell sind es {{states.sensor.dark_sky_temperature.state}}°C bei {{states.sensor.dark_sky_humidity.state}}% Luftfeuchte.
+ Der UV Index liegt bei {{states.sensor.dark_sky_uv_index.state}}'')
];
}
];
diff --git a/makefu/2configs/home/ham/default.nix b/makefu/2configs/home/ham/default.nix
index 11894906e..79f26a053 100644
--- a/makefu/2configs/home/ham/default.nix
+++ b/makefu/2configs/home/ham/default.nix
@@ -180,7 +180,8 @@ in {
frontend = { };
http = {
use_x_forwarded_for = true;
- server_host = "127.0.0.1";
+ #server_host = "127.0.0.1";
+ server_host = "0.0.0.0";
trusted_proxies = [ "127.0.0.1" ];
#trusted_proxies = [ "192.168.1.0/24" ];
};
diff --git a/makefu/2configs/home/metube.nix b/makefu/2configs/home/metube.nix
index 50646d210..e6008d475 100644
--- a/makefu/2configs/home/metube.nix
+++ b/makefu/2configs/home/metube.nix
@@ -26,7 +26,10 @@ in
];
user = "metube";
};
- users.users.metube.uid = uid;
+ users.users.metube = {
+ uid = uid;
+ isSystemUser = true;
+ };
systemd.services.docker-metube.serviceConfig = {
StandardOutput = lib.mkForce "journal";
diff --git a/makefu/2configs/home/zigbee2mqtt/default.nix b/makefu/2configs/home/zigbee2mqtt/default.nix
index 95ee56835..1c4582ed5 100644
--- a/makefu/2configs/home/zigbee2mqtt/default.nix
+++ b/makefu/2configs/home/zigbee2mqtt/default.nix
@@ -20,7 +20,7 @@ in
services.zigbee2mqtt = {
enable = true;
inherit dataDir;
- config = {
+ settings = {
permit_join = true;
serial.port = "/dev/cc2531";
homeassistant = true;
diff --git a/makefu/2configs/lanparty/samba.nix b/makefu/2configs/lanparty/samba.nix
index 4176d7b35..0bd29497d 100644
--- a/makefu/2configs/lanparty/samba.nix
+++ b/makefu/2configs/lanparty/samba.nix
@@ -3,7 +3,7 @@
networking.firewall.allowedTCPPorts = [ 139 445 ];
users.users.smbguest = {
name = "smbguest";
- uid = config.ids.uids.smbguest;
+ uid = config.ids.uids.smbguest; #effectively systemUser
description = "smb guest user";
home = "/data/lanparty";
createHome = true;
diff --git a/makefu/2configs/nsupdate-data.nix b/makefu/2configs/nsupdate-data.nix
index cfa6193c6..2f8f4acc4 100644
--- a/makefu/2configs/nsupdate-data.nix
+++ b/makefu/2configs/nsupdate-data.nix
@@ -34,6 +34,7 @@ in {
description = "ddclient daemon user";
home = stateDir;
createHome = true;
+ isSystemUser = true;
};
systemd.services = {
diff --git a/makefu/2configs/remote-build/slave.nix b/makefu/2configs/remote-build/slave.nix
index 0227f512a..039698f1d 100644
--- a/makefu/2configs/remote-build/slave.nix
+++ b/makefu/2configs/remote-build/slave.nix
@@ -1,11 +1,12 @@
{config,...}:{
nix.trustedUsers = [ "nixBuild" ];
users.users.nixBuild = {
- name = "nixBuild";
- useDefaultShell = true;
- openssh.authorizedKeys.keys = [
- config.krebs.users.buildbotSlave.pubkey
- config.krebs.users.makefu-remote-builder.pubkey
- ];
- };
+ name = "nixBuild";
+ isNormalUser = true;
+ useDefaultShell = true;
+ openssh.authorizedKeys.keys = [
+ config.krebs.users.buildbotSlave.pubkey
+ config.krebs.users.makefu-remote-builder.pubkey
+ ];
+ };
}
diff --git a/makefu/2configs/share-user-sftp.nix b/makefu/2configs/share-user-sftp.nix
index 2c93143ec..26f1d3ba3 100644
--- a/makefu/2configs/share-user-sftp.nix
+++ b/makefu/2configs/share-user-sftp.nix
@@ -5,6 +5,7 @@
share = {
uid = 9002;
home = "/var/empty";
+ isNormalUser = true;
openssh.authorizedKeys.keys = [ config.krebs.users.makefu.pubkey ];
};
};
diff --git a/makefu/2configs/share/gum.nix b/makefu/2configs/share/gum.nix
index 27e0c638b..fd81f28ca 100644
--- a/makefu/2configs/share/gum.nix
+++ b/makefu/2configs/share/gum.nix
@@ -11,7 +11,10 @@ in {
# home = "/var/empty";
# };
environment.systemPackages = [ pkgs.samba ];
- users.users.download.uid = genid "download";
+ users.users.download = {
+ uid = genid "download";
+ isNormalUser = true;
+ };
services.samba = {
enable = true;
shares = {
diff --git a/makefu/2configs/share/temp-share-samba.nix b/makefu/2configs/share/temp-share-samba.nix
index ac0eaa978..56beb5b42 100644
--- a/makefu/2configs/share/temp-share-samba.nix
+++ b/makefu/2configs/share/temp-share-samba.nix
@@ -9,7 +9,7 @@
networking.firewall.allowedTCPPorts = [ 139 445 ];
users.users.smbguest = {
name = "smbguest";
- uid = config.ids.uids.smbguest;
+ uid = config.ids.uids.smbguest; # effectively systemUser
description = "smb guest user";
home = "/home/share";
createHome = true;
diff --git a/makefu/2configs/share/wbob.nix b/makefu/2configs/share/wbob.nix
index 9695751ff..f2c36b551 100644
--- a/makefu/2configs/share/wbob.nix
+++ b/makefu/2configs/share/wbob.nix
@@ -3,7 +3,7 @@
networking.firewall.allowedTCPPorts = [ 139 445 ];
users.users.smbguest = {
name = "smbguest";
- uid = config.ids.uids.smbguest;
+ uid = config.ids.uids.smbguest; # effectively systemUser
description = "smb guest user";
home = "/home/share";
createHome = true;
diff --git a/makefu/2configs/stats/arafetch.nix b/makefu/2configs/stats/arafetch.nix
index e96daa038..c8ccbfbb9 100644
--- a/makefu/2configs/stats/arafetch.nix
+++ b/makefu/2configs/stats/arafetch.nix
@@ -23,6 +23,7 @@ in {
uid = genid "arafetch";
inherit home;
createHome = true;
+ isSystemUser = true;
};
systemd.services.ara2mqtt = {
diff --git a/makefu/2configs/temp/share-samba.nix b/makefu/2configs/temp/s