public
/
nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

caddy: support user and group options

This commit is contained in:
Jonas Heinrich 2021-05-11 23:45:22 +02:00
parent 85784a66c8
commit fff9cf00fd
1 changed files with 25 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
nixos/modules/services/web-servers/caddy.nix
View File

@ -63,6 +63,18 @@ in {
''; '';
}; };
user = mkOption {
default = "caddy";
type = types.str;
description = "User account under which caddy runs.";
};
group = mkOption {
default = "caddy";
type = types.str;
description = "Group account under which caddy runs.";
};
adapter = mkOption { adapter = mkOption {
default = "caddyfile"; default = "caddyfile";
example = "nginx"; example = "nginx";
@ -123,8 +135,8 @@ in {
ExecStart = "${cfg.package}/bin/caddy run --config ${configJSON}"; ExecStart = "${cfg.package}/bin/caddy run --config ${configJSON}";
ExecReload = "${cfg.package}/bin/caddy reload --config ${configJSON}"; ExecReload = "${cfg.package}/bin/caddy reload --config ${configJSON}";
Type = "simple"; Type = "simple";
User = "caddy"; User = cfg.user;
Group = "caddy"; Group = cfg.group;
Restart = "on-abnormal"; Restart = "on-abnormal";
AmbientCapabilities = "cap_net_bind_service"; AmbientCapabilities = "cap_net_bind_service";
CapabilityBoundingSet = "cap_net_bind_service"; CapabilityBoundingSet = "cap_net_bind_service";
@ -142,13 +154,18 @@ in {
}; };
}; };
users.users.caddy = { users.users = optionalAttrs (cfg.user == "caddy") {
group = "caddy"; caddy = {
uid = config.ids.uids.caddy; group = cfg.group;
home = cfg.dataDir; uid = config.ids.uids.caddy;
createHome = true; home = cfg.dataDir;
createHome = true;
};
};
users.groups = optionalAttrs (cfg.group == "caddy") {
caddy.gid = config.ids.gids.caddy;
}; };
users.groups.caddy.gid = config.ids.uids.caddy;
}; };
} }