users: add isSystemUser and group

nixcloud · Mar 21, 2022 · f74fb54 · f74fb54
1 parent 63cc00a
commit f74fb54
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 4 deletions.
diff --git a/modules/services/TLS/default.nix b/modules/services/TLS/default.nix
@@ -305,12 +305,18 @@ in
       }
     ];
 
-    users.groups = fold (identifier: con: con // {
+    users.groups = (fold (identifier: con: con // {
       "${filterIdentifier identifier}" = let c = config.nixcloud.TLS.certs.${identifier}; in { members = c.users; };
-    }) {} (attrNames config.nixcloud.TLS.certs);
+    }) {} (attrNames config.nixcloud.TLS.certs))
+    // optionalAttrs (acmeSupplied != []) {
+      nixcloud-lego-user = {};
+    };
 
     users.users = optionalAttrs (acmeSupplied != []) {
-      nixcloud-lego-user = {};
+      nixcloud-lego-user = {
+        isSystemUser = true;
+        group = "nixcloud-lego-user";
+      };
     };
 
     systemd.services = listToAttrs (selfsignedTargets ++ userSuppliedTargets ++ acmeSupplied ++ acmeSuppliedPreliminary);

diff --git a/modules/services/reverse-proxy/default.nix b/modules/services/reverse-proxy/default.nix
@@ -393,7 +393,10 @@ in
     };
 
 
-    users.extraUsers."${user}".group = "${group}";
+    users.extraUsers."${user}" = {
+      group = "${group}";
+      isSystemUser = true;
+    };
 
     users.extraGroups."${user}" = {};