nixpkgs/nixos/modules/services/continuous-integration/jenkins/user.nix

{ config, pkgs, ... }:
with pkgs.lib;
let
  cfg = config.users.jenkins;
in {
  options = {
    users.jenkins = {
      enable = mkOption {
        type = types.bool;
        default = false;
        description = ''
          Whether to enable the jenkins user. By default enabling a jenkins service enables the
          jenkins user. The "user" config property of the service can be used to select a different
          user.
        '';
      };

      extraGroups = mkOption {
        default = [];
        type = with types; listOf string;
        description = ''
          Extra groups of the "jenkins" user.
        '';
      };

      group = mkOption {
        default = "jenkins";
        description = ''
          Default group of "jenkins" user.
        '';
      };

      home = mkOption {
        default = "/var/lib/jenkins";
        type = types.string;
        description = ''
          Home of the "jenkins" user and JENKINS_HOME.
        '';
      };
    };
  };

  config = mkIf cfg.enable {
    users.extraGroups = optional (cfg.group == "jenkins") {
      name = "jenkins";
      gid = config.ids.gids.jenkins;
    };

    users.extraUsers = {
      jenkins = {
        description = "jenkins user";
        createHome = true;
        home = cfg.home;
        group = cfg.group;
        extraGroups = cfg.extraGroups;
        useDefaultShell = true;
        uid = config.ids.uids.jenkins;
      };
    };
  };
}
Add jenkins continuous integration server and user. By default the jenkins server is executed under the user "jenkins". Which can be configured using users.jenkins.* options. If a different user is requested by changing services.jenkins.user then none of the users.jenkins options apply. This patch does not include jenkins slave configuration. Some config options will probably change when this is implemented. Aspects like the user and environment are typically identical between slave and master. The service configs are different. The design is for users.jenkins to cover the shared aspects while services.jenkins and services.jenkins-slave cover the master and slave specific aspects, respectively. Another option would be to place everything under services.jenkins and have a config that selects master vs slave. 2014-02-10 12:07:12 -08:00			`{ config, pkgs, ... }:`
			`with pkgs.lib;`
			`let`
			`cfg = config.users.jenkins;`
			`in {`
			`options = {`
			`users.jenkins = {`
			`enable = mkOption {`
			`type = types.bool;`
			`default = false;`
			`description = ''`
			`Whether to enable the jenkins user. By default enabling a jenkins service enables the`
			`jenkins user. The "user" config property of the service can be used to select a different`
			`user.`
			`'';`
			`};`

			`extraGroups = mkOption {`
			`default = [];`
			`type = with types; listOf string;`
			`description = ''`
			`Extra groups of the "jenkins" user.`
			`'';`
			`};`

			`group = mkOption {`
			`default = "jenkins";`
			`description = ''`
			`Default group of "jenkins" user.`
			`'';`
			`};`

			`home = mkOption {`
			`default = "/var/lib/jenkins";`
			`type = types.string;`
			`description = ''`
			`Home of the "jenkins" user and JENKINS_HOME.`
			`'';`
			`};`
			`};`
			`};`

			`config = mkIf cfg.enable {`
			`users.extraGroups = optional (cfg.group == "jenkins") {`
			`name = "jenkins";`
			`gid = config.ids.gids.jenkins;`
			`};`

			`users.extraUsers = {`
			`jenkins = {`
			`description = "jenkins user";`
			`createHome = true;`
			`home = cfg.home;`
			`group = cfg.group;`
			`extraGroups = cfg.extraGroups;`
			`useDefaultShell = true;`
			`uid = config.ids.uids.jenkins;`
			`};`
			`};`
			`};`
			`}`