From b61734c4c5d702cac0218f22e8d5665d7b16dc70 Mon Sep 17 00:00:00 2001
From: Dominik Polakovics <dominik.polakovics@cloonar.com>
Date: Tue, 5 Dec 2023 17:50:57 +0100
Subject: [PATCH] change gitea user

---
 hosts/fw.cloonar.com/modules/gitea.nix     | 22 +++++++++++++++-------
 hosts/fw.cloonar.com/modules/staticids.nix |  2 ++
 2 files changed, 17 insertions(+), 7 deletions(-)

diff --git a/hosts/fw.cloonar.com/modules/gitea.nix b/hosts/fw.cloonar.com/modules/gitea.nix
index 3d865ca..fc78ffd 100644
--- a/hosts/fw.cloonar.com/modules/gitea.nix
+++ b/hosts/fw.cloonar.com/modules/gitea.nix
@@ -1,20 +1,24 @@
 { config, ... }:
 let
+  cids = import ../modules/staticids.nix;
   domain = "git.cloonar.com";
   ip = "10.42.97.3";
-in
-{
-
-  users.users.gitea = {
+  
+  user = {
     isSystemUser = true;
-    uid = 990;
+    uid = cids.uids.gitea;
     group = "gitea";
     home = "/var/lib/gitea";
     createHome = true;
   };
-  users.groups.gitea = {
-    gid = 989;
+  group = {
+    gid = cids.gids.gitea;
   };
+in
+{
+
+  users.users.gitea = user;
+  users.groups.gitea = group;
 
   security.acme.certs."${domain}" = {
     group = "nginx";
@@ -47,6 +51,7 @@ in
           allowedTCPPorts = [ 22 80 443 ];
         };
       };
+
       services.nginx.enable = true;
       services.nginx.virtualHosts."${domain}" = {
         sslCertificate = "/var/lib/acme/gitea/fullchain.pem";
@@ -85,6 +90,9 @@ in
         };
       };
 
+      users.users.gitea = user;
+      users.groups.gitea = group;
+
       system.stateVersion = "23.05";
     };
   };
diff --git a/hosts/fw.cloonar.com/modules/staticids.nix b/hosts/fw.cloonar.com/modules/staticids.nix
index ceb7cc4..de4c89c 100644
--- a/hosts/fw.cloonar.com/modules/staticids.nix
+++ b/hosts/fw.cloonar.com/modules/staticids.nix
@@ -1,8 +1,10 @@
 {
   uids = {
     unbound = 10001;
+    gitea = 10002;
   };
   gids = {
     unbound = 10001;
+    gitea = 10002;
   };
 }