From 62d242d1cdc086a04eb4da6c973a3e8e15c370aa Mon Sep 17 00:00:00 2001 From: Alex Guzman Date: Wed, 7 Aug 2019 12:27:52 -0700 Subject: [PATCH] roon-server: Add actual user piping Adds defined IDs --- nixos/modules/misc/ids.nix | 2 ++ nixos/modules/services/audio/roon-server.nix | 27 +++++++++++++++++++- 2 files changed, 28 insertions(+), 1 deletion(-) diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix index 1047df95cdf5..225068d76403 100644 --- a/nixos/modules/misc/ids.nix +++ b/nixos/modules/misc/ids.nix @@ -340,6 +340,7 @@ cockroachdb = 313; zoneminder = 314; paperless = 315; + roon-server = 316; # When adding a uid, make sure it doesn't match an existing gid. And don't use uids above 399! @@ -640,6 +641,7 @@ cockroachdb = 313; zoneminder = 314; paperless = 315; + roon-server = 316; # When adding a gid, make sure it doesn't match an existing # uid. Users and groups with the same name should have equal diff --git a/nixos/modules/services/audio/roon-server.nix b/nixos/modules/services/audio/roon-server.nix index a1683a24c10f..81980c8f6b28 100644 --- a/nixos/modules/services/audio/roon-server.nix +++ b/nixos/modules/services/audio/roon-server.nix @@ -19,6 +19,20 @@ in { TCP: 9100 - 9200 ''; }; + user = mkOption { + type = types.string; + default = "roon-server"; + description = '' + User to run the Roon Server as. + ''; + }; + group = mkOption { + type = types.string; + default = "roon-server"; + description = '' + Group to run the Roon Server as. + ''; + }; }; }; @@ -33,7 +47,7 @@ in { serviceConfig = { ExecStart = "${pkgs.roon-server}/opt/start.sh"; LimitNOFILE = 8192; - SupplementaryGroups = "audio"; + User = cfg.user; }; }; @@ -43,5 +57,16 @@ in { ]; allowedUDPPorts = [ 9003 ]; }; + + users.groups = singleton { + name = cfg.group; + gid = config.ids.gids.roon-server; + }; + users.users = singleton { + name = cfg.user; + description = "Roon Server user"; + uid = config.ids.uids.roon-server; + groups = [ cfg.group "audio" ]; + }; }; }