firefox.syncserver service: No need for configurable user

2017-09-27 15:53:12 +01:00 · 2017-09-27 15:53:12 +01:00 · f90b3dcf05
commit f90b3dcf05
parent d8787a8aac
1 changed files with 12 additions and 27 deletions
--- a/nixos/modules/services/networking/firefox/sync-server.nix
+++ b/nixos/modules/services/networking/firefox/sync-server.nix
@ -70,18 +70,6 @@ in
        '';
      };

-      user = mkOption {
-        type = types.str;
-        default = "syncserver";
-        description = "User account under which syncserver runs.";
-      };
-
-      group = mkOption {
-        type = types.str;
-        default = "syncserver";
-        description = "Group account under which syncserver runs.";
-      };
-
      publicUrl = mkOption {
        type = types.str;
        default = "http://localhost:5000/";
@ -138,6 +126,8 @@ in

    systemd.services.syncserver = let
      syncServerEnv = pkgs.python.withPackages(ps: with ps; [ syncserver pasteScript ]);
+      user = "syncserver";
+      group = "syncserver";
    in {
      after = [ "network.target" ];
      description = "Firefox Sync Server";
@ -145,8 +135,8 @@ in
      path = [ pkgs.coreutils syncServerEnv ];

      serviceConfig = {
-        User = cfg.user;
-        Group = cfg.group;
+        User = user;
+        Group = group;
        PermissionsStartOnly = true;
      };

@ -156,32 +146,27 @@ in
          echo  > ${cfg.privateConfig} '[syncserver]'
          echo >> ${cfg.privateConfig} "secret = $(head -c 20 /dev/urandom | sha1sum | tr -d ' -')"
        fi
-        chown ${cfg.user}:${cfg.group} ${cfg.privateConfig}
+        chown ${user}:${group} ${cfg.privateConfig}
      '' + optionalString (cfg.sqlUri == defaultSqlUri) ''
        if ! test -e $(dirname ${defaultDbLocation}); then
          mkdir -m 700 -p $(dirname ${defaultDbLocation})
-          chown ${cfg.user}:${cfg.group} $(dirname ${defaultDbLocation})
+          chown ${user}:${group} $(dirname ${defaultDbLocation})
        fi
        # Move previous database file if it exists
        oldDb="/var/db/firefox-sync-server.db"
        if test -f $oldDb; then
          mv $oldDb ${defaultDbLocation}
-          chown ${cfg.user}:${cfg.group} ${defaultDbLocation}
+          chown ${user}:${group} ${defaultDbLocation}
        fi
      '';
      serviceConfig.ExecStart = "${syncServerEnv}/bin/paster serve ${syncServerIni}";
    };

-    users.extraUsers = optionalAttrs (cfg.user == "syncserver")
-      (singleton {
-        name = "syncserver";
-        group = cfg.group;
+    users.users.syncserver = {
+      group = "syncserver";
      isSystemUser = true;
-      });
+    };

-    users.extraGroups = optionalAttrs (cfg.group == "syncserver")
-      (singleton {
-        name = "syncserver";
-      });
+    users.groups.syncserver = {};
  };
 }