[mcp] Reworks how system users are defined. [public-html] Adds system user for pushing updates.

2025-04-28 15:57:16 -07:00
parent df2c2aa1ae
commit 509c861529
8 changed files with 71 additions and 116 deletions
--- a/system/hosts/mcp/containers/offen.nix
+++ b/system/hosts/mcp/containers/offen.nix
@@ -1,10 +1,7 @@
 { config, ... }:
 let
  inherit (import ./lib.nix config) mkContainer terakoda;
-  userIds = import ./user-ids.nix;
 in {
-  users = userIds.mkUserAndGroup "offen" userIds.offen;
-
  sops = {
    secrets = {
      "offen/smtp-token" = {};
@@ -30,7 +27,7 @@ in {
    image = "offen/offen";
    hostName = "offen";
    domain = terakoda;
-    user = "${toString userIds.offen.uid}:${toString userIds.offen.gid}";
+    user = "offen:offen";
    port = 80;
    volumes = [
      "${config.sops.templates."offen.env".path}:/etc/offen/offen.env:ro"