system/machines/magenta/services/woodpecker/common.nix

28 lines
729 B
Nix

let
data = import ./data.secret.nix;
inherit (data) userServer userAgent group;
in
{
users.groups.${group} = { };
users.users.${userServer} = {
description = "Woodpecker CI Server";
isSystemUser = true;
createHome = true;
inherit group;
};
users.users.${userAgent} = {
isSystemUser = true;
inherit group;
};
users.groups.docker.members = [ userAgent userServer ];
age.secrets.woodpecker-common-env.file = ../../../../secrets/woodpecker-common-env.age;
age.secrets.woodpecker-server-env.file = ../../../../secrets/woodpecker-server-env.age;
age.secrets.woodpecker-docker-config = {
file = ../../../../secrets/docker-config.json.age;
mode = "440";
inherit group;
};
}