lix-project/buildbot-nix
15
0
Fork 0
Code Issues 12 Pull requests 7 Packages Projects Releases Wiki Activity

nixos/master: make buildbot a system user

Browse source
This commit is contained in:
Jörg Thalheim 2023-11-04 09:19:56 +01:00
parent 35a8ad6354
commit fe70af3ad6
1 changed files with 10 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
nix/master.nix
View file

@ -83,8 +83,18 @@ in
}; };
}; };
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
# By default buildbot uses a normal user, which is not a good default, because
# we grant normal users potentially access to other resources. Also
# we don't to be able to ssh into buildbot.
users.users.buildbot = {
isNormalUser = lib.mkForce false;
isSystemUser = true;
};
services.buildbot-master = { services.buildbot-master = {
enable = true; enable = true;
home = "/var/lib/buildbot";
extraImports = '' extraImports = ''
from datetime import timedelta from datetime import timedelta
from buildbot_nix import GithubConfig, NixConfigurator from buildbot_nix import GithubConfig, NixConfigurator