diff --git a/ci/OWNERS b/ci/OWNERS index d438705785723..bf6e070d80e4e 100644 --- a/ci/OWNERS +++ b/ci/OWNERS @@ -102,6 +102,7 @@ nixos/modules/installer/tools/nix-fallback-paths.nix @NixOS/nix-team @raitobeza /nixos/default.nix @infinisil /nixos/lib/from-env.nix @infinisil /nixos/lib/eval-config.nix @infinisil +/nixos/modules/misc/ids.nix @R-VdP /nixos/modules/system/activation/bootspec.nix @grahamc @cole-h @raitobezarius /nixos/modules/system/activation/bootspec.cue @grahamc @cole-h @raitobezarius diff --git a/nixos/modules/hardware/uinput.nix b/nixos/modules/hardware/uinput.nix index 1845d9cfe565d..0adc00e05f96b 100644 --- a/nixos/modules/hardware/uinput.nix +++ b/nixos/modules/hardware/uinput.nix @@ -11,7 +11,7 @@ in config = lib.mkIf cfg.enable { boot.kernelModules = [ "uinput" ]; - users.groups.uinput.gid = config.ids.gids.uinput; + users.groups.uinput = { }; services.udev.extraRules = '' SUBSYSTEM=="misc", KERNEL=="uinput", MODE="0660", GROUP="uinput", OPTIONS+="static_node=uinput" diff --git a/nixos/modules/misc/ids.nix b/nixos/modules/misc/ids.nix index d1347766420a1..fcdffc5209675 100644 --- a/nixos/modules/misc/ids.nix +++ b/nixos/modules/misc/ids.nix @@ -2,12 +2,15 @@ # central list to prevent id collisions. # IMPORTANT! -# We only add static uids and gids for services where it is not feasible -# to change uids/gids on service start, for example a service with a lot of -# files. Please also check if the service is applicable for systemd's -# DynamicUser option and does not need a uid/gid allocation at all. -# Systemd can also change ownership of service directories using the -# RuntimeDirectory/StateDirectory options. +# +# https://github.com/NixOS/rfcs/blob/master/rfcs/0052-dynamic-ids.md +# +# Use of static ids is deprecated within NixOS. Dynamic allocation is +# required, barring special circumstacnes. Please check if the service +# is applicable for systemd's DynamicUser option and does not need a +# uid/gid allocation at all. Systemd can also change ownership of +# service directories using the RuntimeDirectory/StateDirectory +# options. { lib, ... }: @@ -355,7 +358,6 @@ in rstudio-server = 324; localtimed = 325; automatic-timezoned = 326; - whisparr = 328; # When adding a uid, make sure it doesn't match an existing gid. # @@ -683,8 +685,6 @@ in rstudio-server = 324; localtimed = 325; automatic-timezoned = 326; - uinput = 327; - whisparr = 328; # When adding a gid, make sure it doesn't match an existing # uid. Users and groups with the same name should have equal diff --git a/nixos/modules/services/misc/whisparr.nix b/nixos/modules/services/misc/whisparr.nix index 8594a682ec9f3..bf15ee70fde44 100644 --- a/nixos/modules/services/misc/whisparr.nix +++ b/nixos/modules/services/misc/whisparr.nix @@ -64,10 +64,10 @@ in whisparr = { group = cfg.group; home = cfg.dataDir; - uid = config.ids.uids.whisparr; + isSystemUser = true; }; }; - users.groups = lib.mkIf (cfg.group == "whisparr") { whisparr.gid = config.ids.gids.whisparr; }; + users.groups.whisparr = lib.mkIf (cfg.group == "whisparr") { }; }; }