From 2a47990f16935d909930c9dd1ed6f8f2982df638 Mon Sep 17 00:00:00 2001 From: lassulus Date: Tue, 28 Dec 2021 22:20:54 +0100 Subject: ergo: use DynamicUser --- krebs/3modules/ergo.nix | 44 +++----------------------------------------- 1 file changed, 3 insertions(+), 41 deletions(-) diff --git a/krebs/3modules/ergo.nix b/krebs/3modules/ergo.nix index 14f85c4d7..df9757db0 100644 --- a/krebs/3modules/ergo.nix +++ b/krebs/3modules/ergo.nix @@ -50,7 +50,7 @@ in }; }; datastore = { - path = "${cfg.statedir}/ircd.db"; + path = "/var/lib/ergo/ircd.db"; }; accounts = { authentication-enabled = true; @@ -75,30 +75,6 @@ in }; }; - statedir = mkOption { - type = types.path; - default = "/var/lib/ergo"; - description = '' - Location of the state directory of ergo. - ''; - }; - - user = mkOption { - type = types.str; - default = "ergo"; - description = '' - Ergo IRC daemon user. - ''; - }; - - group = mkOption { - type = types.str; - default = "ergo"; - description = '' - Ergo IRC daemon group. - ''; - }; - }; }; @@ -107,28 +83,14 @@ in ###### implementation config = mkIf cfg.enable ({ - users.users.${cfg.user} = { - description = "Ergo IRC daemon user"; - uid = config.ids.uids.ircd; - group = cfg.group; - }; - - users.groups.${cfg.group} = { - gid = config.ids.gids.ircd; - }; - - systemd.tmpfiles.rules = [ - "d ${cfg.statedir} - ${cfg.user} ${cfg.group} - -" - ]; systemd.services.ergo = { description = "Ergo IRC daemon"; wantedBy = [ "multi-user.target" ]; serviceConfig = { - ExecStartPre = "${ergo}/bin/ergo initdb --conf ${configFile}"; ExecStart = "${ergo}/bin/ergo run --conf ${configFile}"; - Group = cfg.group; - User = cfg.user; + DynamicUser = true; + StateDirectory = "ergo"; }; }; -- cgit v1.2.3