Luj/snowfield
1
0
Fork 0
mirror of https://github.com/JulienMalka/snowfield.git synced 2025-03-27 06:10:53 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Refactored nix allowed users

Browse source
This commit is contained in:
Julien Malka 2021-12-25 22:16:24 +01:00
parent 761a68e8d9
commit 31c8529504
No known key found for this signature in database
GPG key ID: 3C68E13964FEA07F
2 changed files with 7 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
modules/bincache/default.nix
View file

@ -14,12 +14,13 @@ with lib;
};
config = mkIf cfg.enable
{
users.users.nix-serve = {
isSystemUser = true;
};
{
users.users.nix-serve = {
isSystemUser = true;
};
nix.allowedUsers = [ "nix-serve" ];
users.users.nix-serve.group = "nix-serve";
users.groups.nix-serve = {};
users.groups.nix-serve = { };
sops.secrets.bin-cache-priv-key = {
owner = "nix-serve";
@ -30,7 +31,7 @@ with lib;
secretKeyFile = "/run/secrets/bin-cache-priv-key";
port = port;
};
luj.nginx.enable = true;
services.nginx.virtualHosts."${cfg.subdomain}.julienmalka.me" = {
enableACME = true;

1
modules/nix/default.nix
View file

@ -13,7 +13,6 @@ with lib;
nixpkgs.config.allowUnfree = true;
nix = {
autoOptimiseStore = true;
allowedUsers = [ "julien" "hydra" "nix-serve" ];
gc = {
automatic = true;
dates = "daily";