Give backplane-dns-client a group.

Also remove ensure-directories, tmpfiles.rules works fine.
2021-12-08 10:46:40 -08:00 · 2021-12-08 10:46:40 -08:00 · 180b1783c9
commit 180b1783c9
parent 976d47cf2d
2 changed files with 14 additions and 31 deletions
--- a/lib/fudo/client/dns.nix
+++ b/lib/fudo/client/dns.nix
@ -71,11 +71,20 @@ in {

  config = {

-    users.users = {
-      "${cfg.user}" = {
-        isSystemUser = true;
-        createHome = true;
-        home = "/var/home/${cfg.user}";
+    users = {
+      users = {
+        "${cfg.user}" = {
+          isSystemUser = true;
+          createHome = true;
+          home = "/var/home/${cfg.user}";
+          group = cfg.user;
+        };
+      };
+
+      groups = {
+        "${cfg.user}" = {
+          members = cfg.user;
+        };
      };
    };

--- a/lib/fudo/system.nix
+++ b/lib/fudo/system.nix
@ -362,26 +362,6 @@ let
  restrict-address-families = allowed:
    if (allowed == [ ]) then [ "~AF_INET" "~AF_INET6" ] else allowed;

-  dirOpts = { path, ... }: {
-    options = with types; {
-      user = mkOption {
-        type = str;
-        description = "User by whom the directory will be owned.";
-        default = "nobody";
-      };
-      group = mkOption {
-        type = str;
-        description = "Group by which the directory will be owned.";
-        default = "nogroup";
-      };
-      perms = mkOption {
-        type = str;
-        description = "Permission bits to apply to the directory.";
-        default = "0770";
-      };
-    };
-  };
-
 in {
  options.fudo.system = with types; {
    services = mkOption {
@ -395,12 +375,6 @@ in {
      description = "Put tmp filesystem on tmpfs (needs enough RAM).";
      default = true;
    };
-
-    ensure-directories = mkOption {
-      type = attrsOf (submodule dirOpts);
-      description = "A map of required directories to directory properties.";
-      default = { };
-    };
  };

  config = {