ma treewide: make 21.05 compatible (is*User, other fixes)
This commit is contained in:
parent
771ea66091
commit
e7bf265a85
|
@ -43,7 +43,6 @@ in {
|
||||||
<stockholm/makefu/2configs/tools/dev.nix>
|
<stockholm/makefu/2configs/tools/dev.nix>
|
||||||
<stockholm/makefu/2configs/tools/desktop.nix>
|
<stockholm/makefu/2configs/tools/desktop.nix>
|
||||||
<stockholm/makefu/2configs/tools/mobility.nix>
|
<stockholm/makefu/2configs/tools/mobility.nix>
|
||||||
{ environment.systemPackages = [ pkgs.esniper ]; }
|
|
||||||
#<stockholm/makefu/2configs/graphite-standalone.nix>
|
#<stockholm/makefu/2configs/graphite-standalone.nix>
|
||||||
#<stockholm/makefu/2configs/share-user-sftp.nix>
|
#<stockholm/makefu/2configs/share-user-sftp.nix>
|
||||||
|
|
||||||
|
@ -141,6 +140,7 @@ in {
|
||||||
];
|
];
|
||||||
makefu.full-populate = true;
|
makefu.full-populate = true;
|
||||||
nixpkgs.config.allowUnfree = true;
|
nixpkgs.config.allowUnfree = true;
|
||||||
|
users.users.share.isNormalUser = true;
|
||||||
users.groups.share = {
|
users.groups.share = {
|
||||||
gid = (import <stockholm/lib>).genid "share";
|
gid = (import <stockholm/lib>).genid "share";
|
||||||
members = [ "makefu" "misa" ];
|
members = [ "makefu" "misa" ];
|
||||||
|
@ -152,6 +152,7 @@ in {
|
||||||
users.users.misa = {
|
users.users.misa = {
|
||||||
uid = 9002;
|
uid = 9002;
|
||||||
name = "misa";
|
name = "misa";
|
||||||
|
isNormalUser = true;
|
||||||
};
|
};
|
||||||
|
|
||||||
zramSwap.enable = true;
|
zramSwap.enable = true;
|
||||||
|
|
|
@ -41,8 +41,8 @@ in
|
||||||
services.tor = {
|
services.tor = {
|
||||||
enable = true;
|
enable = true;
|
||||||
hiddenServices."${name}".map = [
|
hiddenServices."${name}".map = [
|
||||||
{ port = "80"; }
|
{ port = 80; }
|
||||||
# { port = "443"; toHost = "blog.binaergewitter.de"; }
|
# { port = 443; toHost = "blog.binaergewitter.de"; }
|
||||||
];
|
];
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -75,7 +75,7 @@ in {
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
services.redis.enable = true;
|
services.redis.enable = true;
|
||||||
systemd.services.redis.serviceConfig.LimitNOFILE=65536;
|
systemd.services.redis.serviceConfig.LimitNOFILE=mkForce "65536";
|
||||||
services.postgresql = {
|
services.postgresql = {
|
||||||
enable = true;
|
enable = true;
|
||||||
# Ensure the database, user, and permissions always exist
|
# Ensure the database, user, and permissions always exist
|
||||||
|
|
|
@ -7,6 +7,11 @@ in {
|
||||||
virtualHost = fqdn;
|
virtualHost = fqdn;
|
||||||
selfUrlPath = "https://${fqdn}";
|
selfUrlPath = "https://${fqdn}";
|
||||||
};
|
};
|
||||||
|
|
||||||
|
nixpkgs.config.permittedInsecurePackages = [
|
||||||
|
"python2.7-Pillow-6.2.2"
|
||||||
|
];
|
||||||
|
|
||||||
systemd.services.tt-rss.serviceConfig.ExecStart = lib.mkForce "${pkgs.php}/bin/php /var/lib/tt-rss/update_daemon2.php";
|
systemd.services.tt-rss.serviceConfig.ExecStart = lib.mkForce "${pkgs.php}/bin/php /var/lib/tt-rss/update_daemon2.php";
|
||||||
services.postgresql.package = pkgs.postgresql_9_6;
|
services.postgresql.package = pkgs.postgresql_9_6;
|
||||||
state = [ config.services.postgresqlBackup.location ];
|
state = [ config.services.postgresqlBackup.location ];
|
||||||
|
|
|
@ -26,7 +26,10 @@ in
|
||||||
];
|
];
|
||||||
user = "metube";
|
user = "metube";
|
||||||
};
|
};
|
||||||
users.users.metube.uid = uid;
|
users.users.metube = {
|
||||||
|
uid = uid;
|
||||||
|
isSystemUser = true;
|
||||||
|
};
|
||||||
|
|
||||||
systemd.services.docker-metube.serviceConfig = {
|
systemd.services.docker-metube.serviceConfig = {
|
||||||
StandardOutput = lib.mkForce "journal";
|
StandardOutput = lib.mkForce "journal";
|
||||||
|
|
|
@ -20,7 +20,7 @@ in
|
||||||
services.zigbee2mqtt = {
|
services.zigbee2mqtt = {
|
||||||
enable = true;
|
enable = true;
|
||||||
inherit dataDir;
|
inherit dataDir;
|
||||||
config = {
|
settings = {
|
||||||
permit_join = true;
|
permit_join = true;
|
||||||
serial.port = "/dev/cc2531";
|
serial.port = "/dev/cc2531";
|
||||||
homeassistant = true;
|
homeassistant = true;
|
||||||
|
|
|
@ -7,6 +7,7 @@
|
||||||
description = "smb guest user";
|
description = "smb guest user";
|
||||||
home = "/data/lanparty";
|
home = "/data/lanparty";
|
||||||
createHome = true;
|
createHome = true;
|
||||||
|
isNormalUser = true;
|
||||||
};
|
};
|
||||||
services.samba = {
|
services.samba = {
|
||||||
enable = true;
|
enable = true;
|
||||||
|
|
|
@ -1,11 +1,12 @@
|
||||||
{config,...}:{
|
{config,...}:{
|
||||||
nix.trustedUsers = [ "nixBuild" ];
|
nix.trustedUsers = [ "nixBuild" ];
|
||||||
users.users.nixBuild = {
|
users.users.nixBuild = {
|
||||||
name = "nixBuild";
|
name = "nixBuild";
|
||||||
useDefaultShell = true;
|
isNormalUser = true;
|
||||||
openssh.authorizedKeys.keys = [
|
useDefaultShell = true;
|
||||||
config.krebs.users.buildbotSlave.pubkey
|
openssh.authorizedKeys.keys = [
|
||||||
config.krebs.users.makefu-remote-builder.pubkey
|
config.krebs.users.buildbotSlave.pubkey
|
||||||
];
|
config.krebs.users.makefu-remote-builder.pubkey
|
||||||
};
|
];
|
||||||
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -5,6 +5,7 @@
|
||||||
share = {
|
share = {
|
||||||
uid = 9002;
|
uid = 9002;
|
||||||
home = "/var/empty";
|
home = "/var/empty";
|
||||||
|
isNormalUser = true;
|
||||||
openssh.authorizedKeys.keys = [ config.krebs.users.makefu.pubkey ];
|
openssh.authorizedKeys.keys = [ config.krebs.users.makefu.pubkey ];
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -11,7 +11,10 @@ in {
|
||||||
# home = "/var/empty";
|
# home = "/var/empty";
|
||||||
# };
|
# };
|
||||||
environment.systemPackages = [ pkgs.samba ];
|
environment.systemPackages = [ pkgs.samba ];
|
||||||
users.users.download.uid = genid "download";
|
users.users.download = {
|
||||||
|
uid = genid "download";
|
||||||
|
isNormalUser = true;
|
||||||
|
};
|
||||||
services.samba = {
|
services.samba = {
|
||||||
enable = true;
|
enable = true;
|
||||||
shares = {
|
shares = {
|
||||||
|
|
|
@ -4,6 +4,7 @@
|
||||||
uid = config.ids.uids.smbguest;
|
uid = config.ids.uids.smbguest;
|
||||||
group = "share";
|
group = "share";
|
||||||
description = "smb guest user";
|
description = "smb guest user";
|
||||||
|
isNormalUser = true;
|
||||||
home = "/var/empty";
|
home = "/var/empty";
|
||||||
};
|
};
|
||||||
users.groups.share.members = [ "makefu" ];
|
users.groups.share.members = [ "makefu" ];
|
||||||
|
|
|
@ -50,6 +50,7 @@ let
|
||||||
# TODO only create if user is ps3netsrv
|
# TODO only create if user is ps3netsrv
|
||||||
users.users.ps3netsrv = {
|
users.users.ps3netsrv = {
|
||||||
uid = genid "ps3netsrv";
|
uid = genid "ps3netsrv";
|
||||||
|
isSystemUser = true;
|
||||||
};
|
};
|
||||||
users.groups.ps3netsrv.gid = genid "ps3netsrv";
|
users.groups.ps3netsrv.gid = genid "ps3netsrv";
|
||||||
};
|
};
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
{ go_1_14, buildGoPackage, fetchFromGitHub }:
|
{ buildGoPackage, fetchFromGitHub }:
|
||||||
let
|
let
|
||||||
builder = buildGoPackage.override { go = go_1_14; };
|
builder = buildGoPackage;
|
||||||
in
|
in
|
||||||
builder rec {
|
builder rec {
|
||||||
name = "shiori-${version}";
|
name = "shiori-${version}";
|
||||||
|
|
Loading…
Reference in a new issue