From 45470c65f517eafaa93e528fb9ad35e707caa076 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Edward=20Tj=C3=B6rnhammar?= Date: Sat, 22 Apr 2017 09:44:12 +0200 Subject: [PATCH] nixos: static ids for jackett, radarr, sonarr --- nixos/modules/misc/ids.nix | 6 ++++++ nixos/modules/services/misc/jackett.nix | 7 +++++-- nixos/modules/services/misc/radarr.nix | 7 +++++-- nixos/modules/services/misc/sonarr.nix | 7 +++++-- 4 files changed, 21 insertions(+), 6 deletions(-) diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix index feecee3225be..4232f57cb6ba 100644 --- a/nixos/modules/misc/ids.nix +++ b/nixos/modules/misc/ids.nix @@ -289,6 +289,9 @@ rpc = 271; geoip = 272; fcron = 273; + sonarr = 274; + radarr = 275; + jackett = 276; # When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399! @@ -547,6 +550,9 @@ #rpc = 271; # unused #geoip = 272; # unused fcron = 273; + sonarr = 274; + radarr = 275; + jackett = 276; # When adding a gid, make sure it doesn't match an existing # uid. Users and groups with the same name should have equal diff --git a/nixos/modules/services/misc/jackett.nix b/nixos/modules/services/misc/jackett.nix index e467e7ee85b8..87a41ee70b54 100644 --- a/nixos/modules/services/misc/jackett.nix +++ b/nixos/modules/services/misc/jackett.nix @@ -22,14 +22,14 @@ in echo "Creating jackett data directory in /var/lib/jackett/" mkdir -p /var/lib/jackett/ } - chown -R jackett /var/lib/jackett/ + chown -R jackett:jackett /var/lib/jackett/ chmod 0700 /var/lib/jackett/ ''; serviceConfig = { Type = "simple"; User = "jackett"; - Group = "nogroup"; + Group = "jackett"; PermissionsStartOnly = "true"; ExecStart = "${pkgs.jackett}/bin/Jackett"; Restart = "on-failure"; @@ -37,8 +37,11 @@ in }; users.extraUsers.jackett = { + uid = config.ids.uids.jackett; home = "/var/lib/jackett"; + group = "jackett"; }; + users.extraGroups.jackett.gid = config.ids.gids.jackett; }; } diff --git a/nixos/modules/services/misc/radarr.nix b/nixos/modules/services/misc/radarr.nix index cc5efffca448..245ad9f9a6df 100644 --- a/nixos/modules/services/misc/radarr.nix +++ b/nixos/modules/services/misc/radarr.nix @@ -22,14 +22,14 @@ in echo "Creating radarr data directory in /var/lib/radarr/" mkdir -p /var/lib/radarr/ } - chown -R radarr /var/lib/radarr/ + chown -R radarr:radarr /var/lib/radarr/ chmod 0700 /var/lib/radarr/ ''; serviceConfig = { Type = "simple"; User = "radarr"; - Group = "nogroup"; + Group = "radarr"; PermissionsStartOnly = "true"; ExecStart = "${pkgs.radarr}/bin/Radarr"; Restart = "on-failure"; @@ -37,8 +37,11 @@ in }; users.extraUsers.radarr = { + uid = config.ids.uids.radarr; home = "/var/lib/radarr"; + group = "radarr"; }; + users.extraGroups.radarr.gid = config.ids.gids.radarr; }; } diff --git a/nixos/modules/services/misc/sonarr.nix b/nixos/modules/services/misc/sonarr.nix index 6d96daa6c3d4..ecde2c33bfa9 100644 --- a/nixos/modules/services/misc/sonarr.nix +++ b/nixos/modules/services/misc/sonarr.nix @@ -22,14 +22,14 @@ in echo "Creating sonarr data directory in /var/lib/sonarr/" mkdir -p /var/lib/sonarr/ } - chown -R sonarr /var/lib/sonarr/ + chown -R sonarr:sonarr /var/lib/sonarr/ chmod 0700 /var/lib/sonarr/ ''; serviceConfig = { Type = "simple"; User = "sonarr"; - Group = "nogroup"; + Group = "sonarr"; PermissionsStartOnly = "true"; ExecStart = "${pkgs.sonarr}/bin/NzbDrone --no-browser"; Restart = "on-failure"; @@ -37,8 +37,11 @@ in }; users.extraUsers.sonarr = { + uid = config.ids.uids.sonarr; home = "/var/lib/sonarr"; + group = "sonarr"; }; + users.extraGroups.sonarr.gid = config.ids.gids.sonarr; }; }