summary refs log tree commit diff
path: root/nixos/modules/services/networking/privoxy.nix
diff options
context:
space:
mode:
authorJoachim Fasting <joachifm@fastmail.fm>2016-12-05 12:27:51 +0100
committerJoachim Fasting <joachifm@fastmail.fm>2016-12-05 13:37:08 +0100
commit3dcdc2d2b054933a5812411c44a11bb4114b309e (patch)
tree738e7a286c5e60a178c5bfa7f287d823c2a8ff5c /nixos/modules/services/networking/privoxy.nix
parentad88f1040e2556ba678afb33dac28387ddd3543a (diff)
downloadnixpkgs-3dcdc2d2b054933a5812411c44a11bb4114b309e.tar
nixpkgs-3dcdc2d2b054933a5812411c44a11bb4114b309e.tar.gz
nixpkgs-3dcdc2d2b054933a5812411c44a11bb4114b309e.tar.bz2
nixpkgs-3dcdc2d2b054933a5812411c44a11bb4114b309e.tar.lz
nixpkgs-3dcdc2d2b054933a5812411c44a11bb4114b309e.tar.xz
nixpkgs-3dcdc2d2b054933a5812411c44a11bb4114b309e.tar.zst
nixpkgs-3dcdc2d2b054933a5812411c44a11bb4114b309e.zip
privoxy service: remove static uid
The service owns no data, having a static uid serves no purpose.

This frees up uid/gid 32
Diffstat (limited to 'nixos/modules/services/networking/privoxy.nix')
-rw-r--r--nixos/modules/services/networking/privoxy.nix18
1 files changed, 9 insertions, 9 deletions
diff --git a/nixos/modules/services/networking/privoxy.nix b/nixos/modules/services/networking/privoxy.nix
index e74fe44d76e..49ca839a2c3 100644
--- a/nixos/modules/services/networking/privoxy.nix
+++ b/nixos/modules/services/networking/privoxy.nix
@@ -6,8 +6,6 @@ let
 
   inherit (pkgs) privoxy;
 
-  privoxyUser = "privoxy";
-
   cfg = config.services.privoxy;
 
   confFile = pkgs.writeText "privoxy.conf" ''
@@ -88,18 +86,20 @@ in
   ###### implementation
 
   config = mkIf cfg.enable {
-  
-    users.extraUsers = singleton
-      { name = privoxyUser;
-        uid = config.ids.uids.privoxy;
-        description = "Privoxy daemon user";
-      };
+
+    users.users.privoxy = {
+      isSystemUser = true;
+      home = "/var/empty";
+      group = "privoxy";
+    };
+
+    users.groups.privoxy = {};
 
     systemd.services.privoxy = {
       description = "Filtering web proxy";
       after = [ "network.target" "nss-lookup.target" ];
       wantedBy = [ "multi-user.target" ];
-      serviceConfig.ExecStart = "${privoxy}/sbin/privoxy --no-daemon --user ${privoxyUser} ${confFile}";
+      serviceConfig.ExecStart = "${privoxy}/bin/privoxy --no-daemon --user privoxy ${confFile}";
 
       serviceConfig.PrivateDevices = true;
       serviceConfig.PrivateTmp = true;
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-05-14 13:55:11 +0000