From fff9cf00fd1cb7e0c7646683ba719304a3cac710 Mon Sep 17 00:00:00 2001 From: Jonas Heinrich Date: Tue, 11 May 2021 23:45:22 +0200 Subject: caddy: support user and group options --- nixos/modules/services/web-servers/caddy.nix | 33 +++++++++++++++++++++------- 1 file changed, 25 insertions(+), 8 deletions(-) diff --git a/nixos/modules/services/web-servers/caddy.nix b/nixos/modules/services/web-servers/caddy.nix index 6ecfc113ca2..955b9756406 100644 --- a/nixos/modules/services/web-servers/caddy.nix +++ b/nixos/modules/services/web-servers/caddy.nix @@ -63,6 +63,18 @@ in { ''; }; + user = mkOption { + default = "caddy"; + type = types.str; + description = "User account under which caddy runs."; + }; + + group = mkOption { + default = "caddy"; + type = types.str; + description = "Group account under which caddy runs."; + }; + adapter = mkOption { default = "caddyfile"; example = "nginx"; @@ -123,8 +135,8 @@ in { ExecStart = "${cfg.package}/bin/caddy run --config ${configJSON}"; ExecReload = "${cfg.package}/bin/caddy reload --config ${configJSON}"; Type = "simple"; - User = "caddy"; - Group = "caddy"; + User = cfg.user; + Group = cfg.group; Restart = "on-abnormal"; AmbientCapabilities = "cap_net_bind_service"; CapabilityBoundingSet = "cap_net_bind_service"; @@ -142,13 +154,18 @@ in { }; }; - users.users.caddy = { - group = "caddy"; - uid = config.ids.uids.caddy; - home = cfg.dataDir; - createHome = true; + users.users = optionalAttrs (cfg.user == "caddy") { + caddy = { + group = cfg.group; + uid = config.ids.uids.caddy; + home = cfg.dataDir; + createHome = true; + }; + }; + + users.groups = optionalAttrs (cfg.group == "caddy") { + caddy.gid = config.ids.gids.caddy; }; - users.groups.caddy.gid = config.ids.uids.caddy; }; } -- cgit 1.4.1