# This module defines the global list of uids and gids. We keep a # central list to prevent id collisions. # IMPORTANT! # We only add static uids and gids for services where it is not feasible # to change uids/gids on service start, in example a service with a lot of # files. Please also check if the service is applicable for systemd's # DynamicUser option and does not need a uid/gid allocation at all. # Systemd can also change ownership of service directories using the # RuntimeDirectory/StateDirectory options. { lib, ... }: let inherit (lib) types; in { options = { ids.uids = lib.mkOption { internal = true; description = '' The user IDs used in NixOS. ''; type = types.attrsOf types.int; }; ids.gids = lib.mkOption { internal = true; description = '' The group IDs used in NixOS. ''; type = types.attrsOf types.int; }; }; config = { ids.uids = { root = 0; #wheel = 1; # unused #kmem = 2; # unused #tty = 3; # unused messagebus = 4; # D-Bus haldaemon = 5; #disk = 6; # unused vsftpd = 7; ftp = 8; bitlbee = 9; #avahi = 10; # removed 2019-05-22 nagios = 11; atd = 12; postfix = 13; #postdrop = 14; # unused dovecot = 15; tomcat = 16; #audio = 17; # unused #floppy = 18; # unused uucp = 19; #lp = 20; # unused #proc = 21; # unused pulseaudio = 22; # must match `pulseaudio' GID gpsd = 23; #cdrom = 24; # unused #tape = 25; # unused #video = 26; # unused #dialout = 27; # unused polkituser = 28; #utmp = 29; # unused # ddclient = 30; # converted to DynamicUser = true davfs2 = 31; disnix = 33; osgi = 34; tor = 35; cups = 36; foldingathome = 37; sabnzbd = 38; #kdm = 39; # dropped in 17.03 #ghostone = 40; # dropped in 18.03 git = 41; #fourstore = 42; # dropped in 20.03 #fourstorehttp = 43; # dropped in 20.03 virtuoso = 44; rtkit = 45; dovecot2 = 46; dovenull2 = 47; prayer = 49; mpd = 50; clamav = 51; fprot = 52; bind = 53; wwwrun = 54; #adm = 55; # unused spamd = 56; #networkmanager = 57; # unused nslcd = 58; scanner = 59; nginx = 60; chrony = 61; #systemd-journal = 62; # unused smtpd = 63; smtpq = 64; supybot = 65; iodined = 66; #libvirtd = 67; # unused graphite = 68; #statsd = 69; # removed 2018-11-14 transmission = 70; postgres = 71; #vboxusers = 72; # unused #vboxsf = 73; # unused smbguest = 74; # unused varnish = 75; datadog = 76; lighttpd = 77; lightdm = 78; freenet = 79; ircd = 80; bacula = 81; #almir = 82; # removed 2018-03-25, the almir package was removed in 30291227f2411abaca097773eedb49b8f259e297 during 2017-08 deluge = 83; mysql = 84; rabbitmq = 85; activemq = 86; gnunet = 87; oidentd = 88; quassel = 89; amule = 90; minidlna = 91; elasticsearch = 92; tcpcryptd = 93; # tcpcryptd uses a hard-coded uid. We patch it in Nixpkgs to match this choice. firebird = 95; #keys = 96; # unused #haproxy = 97; # dynamically allocated as of 2020-03-11 mongodb = 98; #openldap = 99; # dynamically allocated as of PR#94610 #users = 100; # unused cgminer = 101; munin = 102; logcheck = 103; nix-ssh = 104; dictd = 105; couchdb = 106; #searx = 107; # dynamically allocated as of 2020-10-27 kippo = 108; jenkins = 109; systemd-journal-gateway = 110; #notbit = 111; # unused aerospike = 111; ngircd = 112; #btsync = 113; # unused minecraft = 114; vault = 115; rippled = 116; murmur = 117; foundationdb = 118; newrelic = 119; starbound = 120; hydra = 122; spiped = 123; teamspeak = 124; influxdb = 125; nsd = 126; gitolite = 127; znc = 128; polipo = 129; mopidy = 130; #docker = 131; # unused gdm = 132; dhcpd = 133; siproxd = 134; mlmmj = 135; neo4j = 136; riemann = 137; riemanndash = 138; radvd = 139; zookeeper = 140; dnsmasq = 141; uhub = 142; yandexdisk = 143; mxisd = 144; # was once collectd consul = 145; mailpile = 146; redmine = 147; #seeks = 148; # removed 2020-06-21 prosody = 149; i2pd = 150; systemd-network = 152; systemd-resolve = 153; systemd-timesync = 154; liquidsoap = 155; etcd = 156; hbase = 158; opentsdb = 159; scollector = 160; bosun = 161; kubernetes = 162; peerflix = 163; #chronos = 164; # removed 2020-08-15 gitlab = 165; tox-bootstrapd = 166; cadvisor = 167; nylon = 168; apache-kafka = 169; #panamax = 170; # unused exim = 172; #fleet = 173; # unused #input = 174; # unused sddm = 175; tss = 176; #memcached = 177; removed 2018-01-03 ntp = 179; zabbix = 180; #redis = 181; removed 2018-01-03 unifi = 183; uptimed = 184; zope2 = 185; ripple-data-api = 186; mediatomb = 187; rdnssd = 188; ihaskell = 189; i2p = 190; lambdabot = 191; asterisk = 192; plex = 193; plexpy = 195; grafana = 196; skydns = 197; # ripple-rest = 198; # unused, removed 2017-08-12 # nix-serve = 199; # unused, removed 2020-12-12 tvheadend = 200; uwsgi = 201; gitit = 202; riemanntools = 203; subsonic = 204; riak = 205; shout = 206; gateone = 207; namecoin = 208; #lxd = 210; # unused kibana = 211; xtreemfs = 212; calibre-server = 213; heapster = 214; bepasty = 215; # pumpio = 216; # unused, removed 2018-02-24 nm-openvpn = 217; # mathics = 218; # unused, removed 2020-08-15 ejabberd = 219; postsrsd = 220; opendkim = 221; dspam = 222; # gale = 223; removed 2021-06-10 matrix-synapse = 224; rspamd = 225; # rmilter = 226; # unused, removed 2019-08-22 cfdyndns = 227; gammu-smsd = 228; pdnsd = 229; octoprint = 230; avahi-autoipd = 231; nntp-proxy = 232; mjpg-streamer = 233; radicale = 234; hydra-queue-runner = 235; hydra-www = 236; syncthing = 237; caddy = 239; taskd = 240; # factorio = 241; # DynamicUser = true # emby = 242; # unusued, removed 2019-05-01 graylog = 243; sniproxy = 244; nzbget = 245; mosquitto = 246; toxvpn = 247; # squeezelite = 248; # DynamicUser = true turnserver = 249; smokeping = 250; gocd-agent = 251; gocd-server = 252; terraria = 253; mattermost = 254; prometheus = 255; telegraf = 256; gitlab-runner = 257; postgrey = 258; hound = 259; leaps = 260; ipfs = 261; # stanchion = 262; # unused, removed 2020-10-14 # riak-cs = 263; # unused, removed 2020-10-14 infinoted = 264; sickbeard = 265; headphones = 266; couchpotato = 267; gogs = 268; #pdns-recursor = 269; # dynamically allocated as of 2020-20-18 #kresd = 270; # switched to "knot-resolver" with dynamic ID rpc = 271; #geoip = 272; # new module uses DynamicUser fcron = 273; sonarr = 274; radarr = 275; jackett = 276; aria2 = 277; clickhouse = 278; rslsync = 279; minio = 280; kanboard = 281; # pykms = 282; # DynamicUser = true kodi = 283; restya-board = 284; mighttpd2 = 285; hass = 286; #monero = 287; # dynamically allocated as of 2021-05-08 ceph = 288; duplicati = 289; monetdb = 290; restic = 291; openvpn = 292; # meguca = 293; # removed 2020-08-21 yarn = 294; hdfs = 295; mapred = 296; hadoop = 297; hydron = 298; cfssl = 299; cassandra = 300; qemu-libvirtd = 301; # kvm = 302; # unused # render = 303; # unused # zeronet = 304; # removed 2019-01-03 lirc = 305; lidarr = 306; slurm = 307; kapacitor = 308; solr = 309; alerta = 310; minetest = 311; rss2email = 312; cockroachdb = 313; zoneminder = 314; paperless = 315; #mailman = 316; # removed 2019-08-30 zigbee2mqtt = 317; # shadow = 318; # unused # When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399! nixbld = 30000; # start of range of uids nobody = 65534; }; ids.gids = { root = 0; wheel = 1; kmem = 2; tty = 3; messagebus = 4; # D-Bus haldaemon = 5; disk = 6; vsftpd = 7; ftp = 8; bitlbee = 9; #avahi = 10; # removed 2019-05-22 #nagios = 11; # unused atd = 12; postfix = 13; postdrop = 14; dovecot = 15; tomcat = 16; audio = 17; floppy = 18; uucp = 19; lp = 20; proc = 21; pulseaudio = 22; # must match `pulseaudio' UID gpsd = 23; cdrom = 24; tape = 25; video = 26; dialout = 27; #polkituser = 28; # currently unused, polkitd doesn't need a group utmp = 29; # ddclient = 30; # converted to DynamicUser = true davfs2 = 31; disnix = 33; osgi = 34; tor = 35; #cups = 36; # unused #foldingathome = 37; # unused #sabnzd = 38; # unused #kdm = 39; # unused, even before 17.03 #ghostone = 40; # dropped in 18.03 git = 41; fourstore = 42; fourstorehttp = 43; virtuoso = 44; #rtkit = 45; # unused dovecot2 = 46; dovenull2 = 47; prayer = 49; mpd = 50; clamav = 51; fprot = 52; #bind = 53; # unused wwwrun = 54; adm = 55; spamd = 56; networkmanager = 57; nslcd = 58; scanner = 59; nginx = 60; chrony = 61; systemd-journal = 62; smtpd = 63; smtpq = 64; supybot = 65; iodined = 66; libvirtd = 67; graphite = 68; #statsd = 69; # removed 2018-11-14 transmission = 70; postgres = 71; vboxusers = 72; vboxsf = 73; smbguest = 74; # unused varnish = 75; datadog = 76; lighttpd = 77; lightdm = 78; freenet = 79; ircd = 80; bacula = 81; #almir = 82; # removed 2018-03-25, the almir package was removed in 30291227f2411abaca097773eedb49b8f259e297 during 2017-08 deluge = 83; mysql = 84; rabbitmq = 85; activemq = 86; gnunet = 87; oidentd = 88; quassel = 89; amule = 90; minidlna = 91; elasticsearch = 92; #tcpcryptd = 93; # unused firebird = 95; keys = 96; #haproxy = 97; # dynamically allocated as of 2020-03-11 #mongodb = 98; # unused #openldap = 99; # dynamically allocated as of PR#94610 munin = 102; #logcheck = 103; # unused #nix-ssh = 104; # unused dictd = 105; couchdb = 106; #searx = 107; # dynamically allocated as of 2020-10-27 kippo = 108; jenkins = 109; systemd-journal-gateway = 110; #notbit = 111; # unused aerospike = 111; #ngircd = 112; # unused #btsync = 113; # unused #minecraft = 114; # unused vault = 115; #ripped = 116; # unused murmur = 117; foundationdb = 118; newrelic = 119; starbound = 120; hydra = 122; spiped = 123; teamspeak = 124; influxdb = 125; nsd = 126; gitolite = 127; znc = 128; polipo = 129; mopidy = 130; docker = 131; gdm = 132; #dhcpcd = 133; # unused siproxd = 134; mlmmj = 135; #neo4j = 136; # unused riemann = 137; riemanndash = 138; #radvd = 139; # unused #zookeeper = 140; # unused #dnsmasq = 141; # unused uhub = 142; #yandexdisk = 143; # unused mxisd = 144; # was once collectd #consul = 145; # unused mailpile = 146; redmine = 147; #seeks = 148; # removed 2020-06-21 prosody = 149; i2pd = 150; systemd-network = 152; systemd-resolve = 153; systemd-timesync = 154; liquidsoap = 155; #etcd = 156; # unused hbase = 158; opentsdb = 159; scollector = 160; bosun = 161; kubernetes = 162; #peerflix = 163; # unused #chronos = 164; # unused gitlab = 165; nylon = 168; #panamax = 170; # unused exim = 172; #fleet = 173; # unused input = 174; sddm = 175; tss = 176; #memcached = 177; # unused, removed 2018-01-03 #ntp = 179; # unused zabbix = 180; #redis = 181; # unused, removed 2018-01-03 #unifi = 183; # unused #uptimed = 184; # unused #zope2 = 185; # unused #ripple-data-api = 186; #unused mediatomb = 187; #rdnssd = 188; # unused ihaskell = 189; i2p = 190; lambdabot = 191; asterisk = 192; plex = 193; sabnzbd = 194; #grafana = 196; #unused #skydns = 197; #unused # ripple-rest = 198; # unused, removed 2017-08-12 #nix-serve = 199; #unused #tvheadend = 200; #unused uwsgi = 201; gitit = 202; riemanntools = 203; subsonic = 204; riak = 205; #shout = 206; #unused gateone = 207; namecoin = 208; lxd = 210; # unused #kibana = 211; xtreemfs = 212; calibre-server = 213; bepasty = 215; # pumpio = 216; # unused, removed 2018-02-24 nm-openvpn = 217; mathics = 218; ejabberd = 219; postsrsd = 220; opendkim = 221; dspam = 222; # gale = 223; removed 2021-06-10 matrix-synapse = 224; rspamd = 225; # rmilter = 226; # unused, removed 2019-08-22 cfdyndns = 227; pdnsd = 229; octoprint = 230; radicale = 234; syncthing = 237; caddy = 239; taskd = 240; # factorio = 241; # unused # emby = 242; # unused, removed 2019-05-01 sniproxy = 244; nzbget = 245; mosquitto = 246; #toxvpn = 247; # unused #squeezelite = 248; #unused turnserver = 249; smokeping = 250; gocd-agent = 251; gocd-server = 252; terraria = 253; mattermost = 254; prometheus = 255; #telegraf = 256; # unused gitlab-runner = 257; postgrey = 258; hound = 259; leaps = 260; ipfs = 261; # stanchion = 262; # unused, removed 2020-10-14 # riak-cs = 263; # unused, removed 2020-10-14 infinoted = 264; sickbeard = 265; headphones = 266; couchpotato = 267; gogs = 268; #kresd = 270; # switched to "knot-resolver" with dynamic ID #rpc = 271; # unused #geoip = 272; # unused fcron = 273; sonarr = 274; radarr = 275; jackett = 276; aria2 = 277; clickhouse = 278; rslsync = 279; minio = 280; kanboard = 281; # pykms = 282; # DynamicUser = true kodi = 283; restya-board = 284; mighttpd2 = 285; hass = 286; # monero = 287; # dynamically allocated as of 2021-05-08 ceph = 288; duplicati = 289; monetdb = 290; restic = 291; openvpn = 292; # meguca = 293; # removed 2020-08-21 yarn = 294; hdfs = 295; mapred = 296; hadoop = 297; hydron = 298; cfssl = 299; cassandra = 300; qemu-libvirtd = 301; kvm = 302; # default udev rules from systemd requires these render = 303; # default udev rules from systemd requires these # zeronet = 304; # removed 2019-01-03 lirc = 305; lidarr = 306; slurm = 307; kapacitor = 308; solr = 309; alerta = 310; minetest = 311; rss2email = 312; cockroachdb = 313; zoneminder = 314; paperless = 315; #mailman = 316; # removed 2019-08-30 zigbee2mqtt = 317; shadow = 318; # When adding a gid, make sure it doesn't match an existing # uid. Users and groups with the same name should have equal # uids and gids. Also, don't use gids above 399! users = 100; nixbld = 30000; nogroup = 65534; }; }; }