duplicati: allow changing the user

This commit is contained in:
Domen Kožar 2019-06-25 14:28:03 +02:00
parent 53ac12b25b
commit e8916cc6af
No known key found for this signature in database
GPG Key ID: C2FFBCAFD2C24246

View File

@ -26,6 +26,15 @@ in
Set it to "any" to listen on all available interfaces
'';
};
user = mkOption {
default = "duplicati";
type = types.str;
description = ''
Duplicati runs as it's own user. It will only be able to backup world-readable files.
Run as root with special care.
'';
};
};
};
@ -37,14 +46,19 @@ in
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
User = "duplicati";
User = cfg.user;
PermissionsStartOnly = true;
Group = "duplicati";
ExecStart = "${pkgs.duplicati}/bin/duplicati-server --webservice-interface=${cfg.interface} --webservice-port=${toString cfg.port} --server-datafolder=/var/lib/duplicati";
Restart = "on-failure";
};
preStart = ''
mkdir -p /var/lib/duplicati
chown -R ${cfg.user}:duplicati /var/lib/duplicati
'';
};
users.users.duplicati = {
users.users.duplicati = lib.optionalAttrs (cfg.user == "duplicati") {
uid = config.ids.uids.duplicati;
home = "/var/lib/duplicati";
createHome = true;