diff options
| -rw-r--r-- | modules/apps/jenkins/default.nix | 7 | ||||
| -rw-r--r-- | modules/apps/jenkins/instance.nix | 1 |
2 files changed, 7 insertions, 1 deletions
diff --git a/modules/apps/jenkins/default.nix b/modules/apps/jenkins/default.nix index 0e5fa6b..8bf230a 100644 --- a/modules/apps/jenkins/default.nix +++ b/modules/apps/jenkins/default.nix @@ -7,7 +7,7 @@ let inherit (lib) concatMapStringsSep concatStringsSep escape filterAttrs foldAttrs foldl - hasPrefix mapAttrs mapAttrsToList mkOption nameValuePair optionalString + hasPrefix mapAttrs mapAttrs' mapAttrsToList mkOption nameValuePair optionalString unique ; inherit (lib.types) @@ -157,6 +157,11 @@ in { systemd.services = foldl (a: b: a//b) {} (mapAttrsToList mkService instances); nixsap.deployment.keyrings = keyrings; nixsap.system.users.daemons = users; + + # Although jenkins user is a daemon, many tools require proper home + # directory and ignore $HOME (e. g. Maven). This assumes each Jenkins + # instance has its own user (this is true because i.user is read-only): + users.users = mapAttrs' (_: i: nameValuePair i.user {home = i.home;}) instances; }; } diff --git a/modules/apps/jenkins/instance.nix b/modules/apps/jenkins/instance.nix index 6735ab8..cda6462 100644 --- a/modules/apps/jenkins/instance.nix +++ b/modules/apps/jenkins/instance.nix @@ -40,6 +40,7 @@ in { user = mkOption { description = "User to run as"; default = "jenkins-${name}"; + readOnly = true; type = str; }; |