diff options
Diffstat (limited to 'hosts/vps/services')
-rw-r--r-- | hosts/vps/services/git.nix | 7 | ||||
-rw-r--r-- | hosts/vps/services/matrix.nix | 16 |
2 files changed, 16 insertions, 7 deletions
diff --git a/hosts/vps/services/git.nix b/hosts/vps/services/git.nix index 2b6d0a2..84c4241 100644 --- a/hosts/vps/services/git.nix +++ b/hosts/vps/services/git.nix @@ -3,7 +3,8 @@ config, ... }: { - config = let cgit = pkgs.cgit-pink; + config = let + cgit = pkgs.cgit-pink; in { users.groups.git = {}; users.users.git = { @@ -56,6 +57,8 @@ transport fastcgi { env SCRIPT_FILENAME ${cgit}/cgit/cgit.cgi env CGIT_CONFIG ${pkgs.writeText "cgitrc" (pkgs.lib.generators.toKeyValue {} { + about-filter = "${cgit}/lib/cgit/filters/about-formatting.py"; + source-filter = "${cgit}/lib/cgit/filters/syntax-highlighting.py"; css = "/cgit.css"; logo = "/cgit.png"; favicon = "/favicon.ico"; @@ -69,8 +72,6 @@ root-title = "tzlil.net"; root-desc = "Tzlil's Git Repositories"; scan-path = config.users.users.git.home; - about-filter = "${cgit}/lib/cgit/filters/about-formatting.py"; - source-filter = "${cgit}/lib/cgit/filters/syntax-highlighting.py"; logo-link = "/"; readme = ":README.md"; })} diff --git a/hosts/vps/services/matrix.nix b/hosts/vps/services/matrix.nix index 005040f..af38f58 100644 --- a/hosts/vps/services/matrix.nix +++ b/hosts/vps/services/matrix.nix @@ -102,9 +102,17 @@ ensureDatabases = ["dendrite"]; }; + users.groups.dendrite = {}; + users.users.dendrite = { + isSystemUser = true; + description = "dendrite"; + group = "dendrite"; + }; # not needed if i use /var/lib/private , DynamicUser can remap the permissions for the service - # systemd.services.dendrite.serviceConfig.User = "dendrite"; - # systemd.services.dendrite.serviceConfig.Group = "dendrite"; + systemd.services.dendrite.serviceConfig.User = "dendrite"; + systemd.services.dendrite.serviceConfig.Group = "dendrite"; + systemd.services.dendrite.serviceConfig.DynamicUser = lib.mkForce "false"; + environment.persistence."/nix/persist".directories = [ { directory = "/var/lib/postgresql/${config.services.postgresql.package.psqlSchema}"; @@ -114,8 +122,8 @@ { directory = "/var/lib/private/dendrite"; - user = "root"; - group = "root"; + user = "dendrite"; + group = "dendrite"; } ]; |