services: set isSystemUser for service users
'isSystemUser' has to be explicitly set in NixOS 21.05. Previously, it was the implicit default.
This commit is contained in:
parent
0ef66c920b
commit
e44f78ebb8
|
@ -388,7 +388,10 @@ in {
|
|||
} // nbLib.allowLocalIPAddresses;
|
||||
};
|
||||
|
||||
users.users.${cfg.user}.group = cfg.group;
|
||||
users.users.${cfg.user} = {
|
||||
isSystemUser = true;
|
||||
group = cfg.group;
|
||||
};
|
||||
users.groups.${cfg.group} = {};
|
||||
users.groups.bitcoinrpc-public = {};
|
||||
nix-bitcoin.operator.groups = [ cfg.group ];
|
||||
|
|
|
@ -230,6 +230,7 @@ in {
|
|||
}; in self;
|
||||
|
||||
users.users.${cfg.nbxplorer.user} = {
|
||||
isSystemUser = true;
|
||||
group = cfg.nbxplorer.group;
|
||||
extraGroups = [ "bitcoinrpc-public" ]
|
||||
++ optional cfg.btcpayserver.lbtc cfg.liquidd.group;
|
||||
|
@ -237,6 +238,7 @@ in {
|
|||
};
|
||||
users.groups.${cfg.nbxplorer.group} = {};
|
||||
users.users.${cfg.btcpayserver.user} = {
|
||||
isSystemUser = true;
|
||||
group = cfg.btcpayserver.group;
|
||||
extraGroups = [ cfg.nbxplorer.group ]
|
||||
++ optional (cfg.btcpayserver.lightningBackend == "clightning") cfg.clightning.user;
|
||||
|
|
|
@ -133,8 +133,8 @@ in
|
|||
};
|
||||
|
||||
users.users.${user} = {
|
||||
group = group;
|
||||
isSystemUser = true;
|
||||
group = group;
|
||||
};
|
||||
users.groups.${group} = {};
|
||||
};
|
||||
|
|
|
@ -140,6 +140,7 @@ in {
|
|||
};
|
||||
|
||||
users.users.${cfg.user} = {
|
||||
isSystemUser = true;
|
||||
group = cfg.group;
|
||||
extraGroups = [ "bitcoinrpc-public" ];
|
||||
};
|
||||
|
|
|
@ -106,6 +106,7 @@ in {
|
|||
};
|
||||
|
||||
users.users.${cfg.user} = {
|
||||
isSystemUser = true;
|
||||
group = cfg.group;
|
||||
extraGroups = [ "bitcoinrpc-public" ] ++ optionals cfg.high-memory [ bitcoind.user ];
|
||||
};
|
||||
|
|
|
@ -270,6 +270,7 @@ in {
|
|||
};
|
||||
|
||||
users.users.${cfg.user} = {
|
||||
isSystemUser = true;
|
||||
group = cfg.group;
|
||||
home = cfg.dataDir;
|
||||
# Allow access to the tor control socket, needed for payjoin onion service creation
|
||||
|
|
|
@ -240,6 +240,7 @@ in {
|
|||
};
|
||||
|
||||
users.users.${cfg.user} = {
|
||||
isSystemUser = true;
|
||||
group = cfg.group;
|
||||
extraGroups = [ "bitcoinrpc-public" ];
|
||||
};
|
||||
|
|
|
@ -263,6 +263,7 @@ in {
|
|||
};
|
||||
|
||||
users.users.${cfg.user} = {
|
||||
isSystemUser = true;
|
||||
group = cfg.group;
|
||||
extraGroups = [ "bitcoinrpc-public" ];
|
||||
home = cfg.dataDir; # lnd creates .lnd dir in HOME
|
||||
|
|
|
@ -97,6 +97,7 @@ in {
|
|||
};
|
||||
|
||||
users.users.recurring-donations = {
|
||||
isSystemUser = true;
|
||||
group = "recurring-donations";
|
||||
extraGroups = [ config.services.clightning.group ];
|
||||
};
|
||||
|
|
|
@ -65,6 +65,7 @@ in {
|
|||
services.clightning.enable = true;
|
||||
|
||||
users.users.${cfg.user} = {
|
||||
isSystemUser = true;
|
||||
group = cfg.group;
|
||||
extraGroups = [ config.services.clightning.group ];
|
||||
};
|
||||
|
|
Loading…
Reference in New Issue
Block a user