diff --git a/nixos/doc/manual/from_md/release-notes/rl-2111.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2111.section.xml
index 5dc0f1b15b34..7c58539bcafa 100644
--- a/nixos/doc/manual/from_md/release-notes/rl-2111.section.xml
+++ b/nixos/doc/manual/from_md/release-notes/rl-2111.section.xml
@@ -656,8 +656,11 @@
no longer need be granted the entire set of
plugdev group permissions, which can
include permissions other than those required by
- openrazer. This can be desirable from a
- security point of view.
+ openrazer. This is desirable from a
+ security point of view. The setting
+ harware.openrazer.users
+ can be used to add users to the openrazer
+ group.
diff --git a/nixos/doc/manual/release-notes/rl-2111.section.md b/nixos/doc/manual/release-notes/rl-2111.section.md
index be83ab2d6a44..ee40b509d0e7 100644
--- a/nixos/doc/manual/release-notes/rl-2111.section.md
+++ b/nixos/doc/manual/release-notes/rl-2111.section.md
@@ -164,7 +164,7 @@ pt-services.clipcat.enable).
- `programs.neovim.runtime` switched to a `linkFarm` internally, making it impossible to use wildcards in the `source` argument.
-- The `openrazer` and `openrazer-daemon` packages as well as the `hardware.openrazer` module now require users to be members of the `openrazer` group instead of `plugdev`. With this change, users no longer need be granted the entire set of `plugdev` group permissions, which can include permissions other than those required by `openrazer`. This can be desirable from a security point of view.
+- The `openrazer` and `openrazer-daemon` packages as well as the `hardware.openrazer` module now require users to be members of the `openrazer` group instead of `plugdev`. With this change, users no longer need be granted the entire set of `plugdev` group permissions, which can include permissions other than those required by `openrazer`. This is desirable from a security point of view. The setting [`harware.openrazer.users`](options.html#opt-services.hardware.openrazer.users) can be used to add users to the `openrazer` group.
## Other Notable Changes {#sec-release-21.11-notable-changes}
diff --git a/nixos/modules/hardware/openrazer.nix b/nixos/modules/hardware/openrazer.nix
index b4c1ddd1b336..bd9fc485e17e 100644
--- a/nixos/modules/hardware/openrazer.nix
+++ b/nixos/modules/hardware/openrazer.nix
@@ -51,8 +51,6 @@ in
hardware.openrazer = {
enable = mkEnableOption ''
OpenRazer drivers and userspace daemon.
- Any users that wish to make use of the daemon need to be
- members of the "openrazer" group.
'';
verboseLogging = mkOption {
@@ -96,6 +94,15 @@ in
generate a heatmap.
'';
};
+
+ users = mkOption {
+ type = with types; listOf str;
+ default = [];
+ description = ''
+ Usernames to be added to the "openrazer" group, so that they
+ can start and interact with the OpenRazer userspace daemon.
+ '';
+ };
};
};
@@ -113,7 +120,9 @@ in
# A user must be a member of the openrazer group in order to start
# the openrazer-daemon. Therefore we make sure that the group
# exists.
- users.groups.openrazer = {};
+ users.groups.openrazer = {
+ members = cfg.users;
+ };
systemd.user.services.openrazer-daemon = {
description = "Daemon to manage razer devices in userspace";