Luj/snowfield
1
0
Fork 0
mirror of https://github.com/JulienMalka/snowfield.git synced 2025-03-26 05:40:52 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Updated filerun and fixed permissions

Browse source
This commit is contained in:
Julien Malka 2022-01-02 23:00:58 +01:00
parent 171ee59ab4
commit 0279b0b986
No known key found for this signature in database
GPG key ID: 3C68E13964FEA07F
2 changed files with 16 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
modules/filerun/default.nix
View file

@ -58,19 +58,29 @@ in
''; '';
}; };
users.users.filerun = {
isSystemUser = true;
uid = 250;
};
users.groups.filerun = {
gid = 350;
};
users.users.filerun.group = config.users.groups.filerun.name;
virtualisation.oci-containers.containers."filerun" = { virtualisation.oci-containers.containers."filerun" = {
image = "afian/filerun:libreoffice"; image = "filerun/filerun";
environment = { environment = {
"FR_DB_HOST" = "filerun-mariadb"; "FR_DB_HOST" = "filerun-mariadb";
"FR_DB_PORT" = "3306"; "FR_DB_PORT" = "3306";
"FR_DB_NAME" = "filerundb"; "FR_DB_NAME" = "filerundb";
"FR_DB_USER" = "filerun"; "FR_DB_USER" = "filerun";
"APACHE_RUN_USER" = "filerunuser"; "APACHE_RUN_USER" = config.users.users.filerun.name;
"APACHE_RUN_USER_ID" = "1000"; "APACHE_RUN_USER_ID" = "250";
"APACHE_RUN_GROUP" = "hello"; "APACHE_RUN_GROUP" = config.users.groups.filerun.name;
"APACHE_RUN_GROUP_ID" = "100"; "APACHE_RUN_GROUP_ID" = "350";
}; };
environmentFiles = [ environmentFiles = [
/run/secrets/filerun /run/secrets/filerun

2
users/julien.nix
View file

@ -5,7 +5,7 @@
users.users.julien = { users.users.julien = {
isNormalUser = true; isNormalUser = true;
home = "/home/julien"; home = "/home/julien";
extraGroups = [ "wheel" config.users.groups.keys.name ]; extraGroups = [ "wheel" config.users.groups.keys.name config.users.groups.filerun.name ];
shell = pkgs.fish; shell = pkgs.fish;
passwordFile = config.sops.secrets.user-julien-password.path; passwordFile = config.sops.secrets.user-julien-password.path;
openssh.authorizedKeys.keyFiles = [ openssh.authorizedKeys.keyFiles = [