fix: create steward and benefice users/groups

Ideally, this should not be necessary, but it's required due to #109 Signed-off-by: Roman Volosatovs <[email protected]>
profianinc · Aug 9, 2022 · 9899c35 · 9899c35
1 parent f3f1722
commit 9899c35
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 0 deletions.
diff --git a/nixosConfigurations/services/benefice.nix b/nixosConfigurations/services/benefice.nix
@@ -32,6 +32,13 @@ with flake-utils.lib.system; let
       sops.secrets.oidc-secret.sopsFile = "${self}/hosts/${config.networking.fqdn}/oidc-secret";
 
       systemd.services.benefice = self.lib.systemd.withSecret config pkgs "benefice" "oidc-secret";
+
+      # Workaround for https://github.com/profianinc/infrastructure/issues/109
+
+      users.groups.benefice = {};
+
+      users.users.benefice.isSystemUser = true;
+      users.users.benefice.group = config.users.groups.benefice.name;
     })
   ];
 

diff --git a/nixosConfigurations/services/steward.nix b/nixosConfigurations/services/steward.nix
@@ -23,6 +23,13 @@ with flake-utils.lib.system; let
       sops.secrets.key.sopsFile = "${self}/hosts/${config.networking.fqdn}/steward.key";
 
       systemd.services.steward = self.lib.systemd.withSecret config pkgs "steward" "key";
+
+      # Workaround for https://github.com/profianinc/infrastructure/issues/109
+
+      users.groups.steward = {};
+
+      users.users.steward.isSystemUser = true;
+      users.users.steward.group = config.users.groups.steward.name;
     })
   ];