nixos/gitolite: use group 'gitolite' instead of 'nogroup'

Having files (git repositories) owned by 'nogroup' is a bad idea.
NixOS · Sep 23, 2017 · 3a58e41 · 3a58e41
1 parent fc2c994
commit 3a58e41
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 1 deletion.
diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix
@@ -426,7 +426,7 @@
       teamspeak = 124;
       influxdb = 125;
       nsd = 126;
-      #gitolite = 127; # unused
+      gitolite = 127;
       znc = 128;
       polipo = 129;
       mopidy = 130;

diff --git a/nixos/modules/services/misc/gitolite.nix b/nixos/modules/services/misc/gitolite.nix
@@ -85,6 +85,14 @@ in
           Gitolite user account. This is the username of the gitolite endpoint.
         '';
       };
+
+      group = mkOption {
+        type = types.str;
+        default = "gitolite";
+        description = ''
+          Primary group of the Gitolite user account.
+        '';
+      };
     };
   };
 
@@ -121,8 +129,10 @@ in
       home            = cfg.dataDir;
       createHome      = true;
       uid             = config.ids.uids.gitolite;
+      group           = cfg.group;
       useDefaultShell = true;
     };
+    users.extraGroups."${cfg.group}".gid = config.ids.gids.gitolite;
 
     systemd.services."gitolite-init" = {
       description = "Gitolite initialization";