pyrox.dev
Merge pull request #122647 from onny/caddy
nixos/caddy: support user and group options
authored by Aaron Andersen and committed by GitHub 21f5dd5c 82f66a40
+25
-8
nixos/modules/services/web-servers/caddy.nix
+25
-8
nixos/modules/services/web-servers/caddy.nix
···
63
63
'';
64
64
};
65
65
66
+
user = mkOption {
67
+
default = "caddy";
68
+
type = types.str;
69
+
description = "User account under which caddy runs.";
70
+
};
71
+
72
+
group = mkOption {
73
+
default = "caddy";
74
+
type = types.str;
75
+
description = "Group account under which caddy runs.";
76
+
};
77
+
66
78
adapter = mkOption {
67
79
default = "caddyfile";
68
80
example = "nginx";
···
123
135
ExecStart = "${cfg.package}/bin/caddy run --config ${configJSON}";
124
136
ExecReload = "${cfg.package}/bin/caddy reload --config ${configJSON}";
125
137
Type = "simple";
126
-
User = "caddy";
127
-
Group = "caddy";
138
+
User = cfg.user;
139
+
Group = cfg.group;
128
140
Restart = "on-abnormal";
129
141
AmbientCapabilities = "cap_net_bind_service";
130
142
CapabilityBoundingSet = "cap_net_bind_service";
···
142
154
};
143
155
};
144
156
145
-
users.users.caddy = {
146
-
group = "caddy";
147
-
uid = config.ids.uids.caddy;
148
-
home = cfg.dataDir;
149
-
createHome = true;
157
+
users.users = optionalAttrs (cfg.user == "caddy") {
158
+
caddy = {
159
+
group = cfg.group;
160
+
uid = config.ids.uids.caddy;
161
+
home = cfg.dataDir;
162
+
createHome = true;
163
+
};
164
+
};
165
+
166
+
users.groups = optionalAttrs (cfg.group == "caddy") {
167
+
caddy.gid = config.ids.gids.caddy;
150
168
};
151
169
152
-
users.groups.caddy.gid = config.ids.uids.caddy;
153
170
};
154
171
}