From a4d07290cba3208a2ff930c8cfb594ff809ec7ad Mon Sep 17 00:00:00 2001
From: Nadrieril <nadrieril@gmail.com>
Date: Fri, 21 Jul 2017 20:15:27 +0100
Subject: rsync service: allow running as not root

---
 .../services/network-filesystems/rsyncd.nix        | 25 ++++++++++++++++++++--
 1 file changed, 23 insertions(+), 2 deletions(-)

(limited to 'nixos/modules/services/network-filesystems/rsyncd.nix')

diff --git a/nixos/modules/services/network-filesystems/rsyncd.nix b/nixos/modules/services/network-filesystems/rsyncd.nix
index 0759fcc2a3b..054057d52ab 100644
--- a/nixos/modules/services/network-filesystems/rsyncd.nix
+++ b/nixos/modules/services/network-filesystems/rsyncd.nix
@@ -83,6 +83,24 @@ in
           };
       };
 
+      user = mkOption {
+        type = types.str;
+        default = "root";
+        description = ''
+          The user to run the daemon as.
+          By default the daemon runs as root.
+        '';
+      };
+
+      group = mkOption {
+        type = types.str;
+        default = "root";
+        description = ''
+          The group to run the daemon as.
+          By default the daemon runs as root.
+        '';
+      };
+
     };
   };
 
@@ -96,8 +114,11 @@ in
       description = "Rsync daemon";
       wantedBy = [ "multi-user.target" ];
       restartTriggers = [ config.environment.etc."rsyncd.conf".source ];
-      serviceConfig.ExecStart = "${pkgs.rsync}/bin/rsync --daemon --no-detach";
+      serviceConfig = {
+        ExecStart = "${pkgs.rsync}/bin/rsync --daemon --no-detach";
+        User = cfg.user;
+        Group = cfg.group;
+      };
     };
-
   };
 }
-- 
cgit 1.4.1