From d33425a0f52519707d26534480997e966073fdf5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tristan=20Dani=C3=ABl=20Maat?= <tm@tlater.net>
Date: Wed, 28 Apr 2021 23:02:27 +0100
Subject: [PATCH 1/2] gitea: Use a defined service UID

The default of 1000 mapped to my admin user, which was both a bit
concerning and a bit of an annoyance.
---
 configuration/services/gitea.nix | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/configuration/services/gitea.nix b/configuration/services/gitea.nix
index 148e527..d600ab3 100644
--- a/configuration/services/gitea.nix
+++ b/configuration/services/gitea.nix
@@ -1,6 +1,15 @@
 { config, ... }:
 
 {
+  users = {
+    extraUsers.gitea = {
+      isSystemUser = true;
+      description = "Gitea Service";
+      group = config.users.extraGroups.gitea.name;
+    };
+    extraGroups.gitea = { };
+  };
+
   virtualisation.pods.gitea = {
     hostname = "gitea.tlater.net";
     publish = [ "3000:3000" "2221:2221" ];
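Review bot: The `gitea` user and group declared in this hunk are given no `uid` or `gid`, so both stay at the NixOS option default of `null` and the ids are only allocated at activation time. The second hunk of this patch reads them with `toString config.users.extraUsers.gitea.uid`, and `toString null` evaluates to an empty string, so `USER_UID` and `USER_GID` would be passed empty. The container would then presumably fall back to its default of 1000, which is the admin uid the commit message wants to get away from. Pin both ids here, e.g. `uid = <fixed-uid>;` in the user and `extraGroups.gitea = { gid = <fixed-gid>; };`, as patch 2/2 on this page does.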
@@ -18,6 +27,9 @@
           DB_USER = "gitea";
           DB_PASSWD = "/qNDDK9WCMuubfA7D8DFwfl9T+Gy2IMDvPhiNpcxZjY=";
 
+          USER_UID = toString config.users.extraUsers.gitea.uid;
+          USER_GID = toString config.users.extraGroups.gitea.gid;
+
           RUN_MODE = "prod";
           DOMAIN = "gitea.tlater.net";
           SSH_PORT = "2221";
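Review bot: `DB_PASSWD` sits as a string literal right next to the new `USER_UID`/`USER_GID` lines, so the database credential is committed to the repository in plaintext. If this attribute set is rendered into a unit or container definition, as it appears to be, the value is also copied into the world-readable Nix store. It is a context line rather than part of this change, but it deserves a follow-up: rotate the value and load it at runtime from a file kept outside the store instead of from a Nix string. The same line appears in the second hunk of patch 2/2, and the enclosing attribute set starts and ends outside the hunk.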

From 9e06fcf917e26e5bc939ad977a5d909ad5c1e151 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tristan=20Dani=C3=ABl=20Maat?= <tm@tlater.net>
Date: Wed, 28 Apr 2021 23:02:27 +0100
Subject: [PATCH 2/2] gitea: Use a defined service UID

The default of 1000 mapped to my admin user, which was both a bit
concerning and a bit of an annoyance.
---
 configuration/services/gitea.nix | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/configuration/services/gitea.nix b/configuration/services/gitea.nix
index 148e527..0abdb49 100644
--- a/configuration/services/gitea.nix
+++ b/configuration/services/gitea.nix
@@ -1,6 +1,16 @@
 { config, ... }:
 
 {
+  users = {
+    extraUsers.gitea = {
+      uid = config.ids.uids.git;
+      isSystemUser = true;
+      description = "Gitea Service";
+      group = config.users.extraGroups.gitea.name;
+    };
+    extraGroups.gitea = { gid = config.ids.gids.git; };
+  };
+
   virtualisation.pods.gitea = {
     hostname = "gitea.tlater.net";
     publish = [ "3000:3000" "2221:2221" ];
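Review bot: `config.ids.uids.git` and `config.ids.gids.git` are ids that nixpkgs reserves for its own `git` account, so the `gitea` user declared here would share a number with that account if any module creates it (I believe the git daemon module does). Two account names on one uid share file ownership, which weakens the separation this commit is trying to establish. Nothing visible in this file enables such a module, so a comment above the `uid` line is enough, e.g. `# Reuses the static id nixpkgs reserves for "git"; do not enable a module that creates that user on this host.` A dedicated id that is unused on the host would avoid the coupling entirely.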
@@ -18,6 +28,9 @@
           DB_USER = "gitea";
           DB_PASSWD = "/qNDDK9WCMuubfA7D8DFwfl9T+Gy2IMDvPhiNpcxZjY=";
 
+          USER_UID = toString config.users.extraUsers.gitea.uid;
+          USER_GID = toString config.users.extraGroups.gitea.gid;
+
           RUN_MODE = "prod";
           DOMAIN = "gitea.tlater.net";
           SSH_PORT = "2221";