colin
/
nix-files
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

nix-serve: fix coredump loop

This commit is contained in:
Colin 2024-01-19 21:34:45 +00:00
parent a725d42bf5
commit fd0723169f
2 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
hosts/common/ids.nix
View File

@ -57,6 +57,8 @@
sane.ids.bitcoind-mainnet.gid = 2418;
sane.ids.clightning.uid = 2419;
sane.ids.clightning.gid = 2419;
sane.ids.nix-serve.uid = 2420;
sane.ids.nix-serve.gid = 2420;
sane.ids.colin.uid = 1000;
sane.ids.guest.uid = 1100;

8
modules/services/nixserve.nix
View File

@ -41,6 +41,14 @@ in
inherit (cfg) port secretKeyFile;
};
# XXX(2024/01/19): upstream service specifies `User=nix-serve`, `Group=nix-serve` but doesn't define the users.
# this causes a coredump loop from within a nix-serve subprocess.
users.users.nix-serve = {
group = "nix-serve";
isSystemUser = true;
};
users.groups.nix-serve = {};
# act as a remote builder
nix.settings.trusted-users = [ "nixremote" ];
users.users.nixremote = {