28 lines
729 B
Nix
28 lines
729 B
Nix
let
|
|
data = import ./data.secret.nix;
|
|
inherit (data) userServer userAgent group;
|
|
in
|
|
{
|
|
users.groups.${group} = { };
|
|
|
|
users.users.${userServer} = {
|
|
description = "Woodpecker CI Server";
|
|
isSystemUser = true;
|
|
createHome = true;
|
|
inherit group;
|
|
};
|
|
|
|
users.users.${userAgent} = {
|
|
isSystemUser = true;
|
|
inherit group;
|
|
};
|
|
users.groups.docker.members = [ userAgent userServer ];
|
|
|
|
age.secrets.woodpecker-common-env.file = ../../../../secrets/woodpecker-common-env.age;
|
|
age.secrets.woodpecker-server-env.file = ../../../../secrets/woodpecker-server-env.age;
|
|
age.secrets.woodpecker-docker-config = {
|
|
file = ../../../../secrets/docker-config.json.age;
|
|
mode = "440";
|
|
inherit group;
|
|
};
|
|
}
|