diff --git a/modules/bitcoind.nix b/modules/bitcoind.nix index 9a2a79b..e78ca37 100644 --- a/modules/bitcoind.nix +++ b/modules/bitcoind.nix @@ -388,7 +388,10 @@ in { } // nbLib.allowLocalIPAddresses; }; - users.users.${cfg.user}.group = cfg.group; + users.users.${cfg.user} = { + isSystemUser = true; + group = cfg.group; + }; users.groups.${cfg.group} = {}; users.groups.bitcoinrpc-public = {}; nix-bitcoin.operator.groups = [ cfg.group ]; diff --git a/modules/btcpayserver.nix b/modules/btcpayserver.nix index 1429f9a..4b89add 100644 --- a/modules/btcpayserver.nix +++ b/modules/btcpayserver.nix @@ -230,6 +230,7 @@ in { }; in self; users.users.${cfg.nbxplorer.user} = { + isSystemUser = true; group = cfg.nbxplorer.group; extraGroups = [ "bitcoinrpc-public" ] ++ optional cfg.btcpayserver.lbtc cfg.liquidd.group; @@ -237,6 +238,7 @@ in { }; users.groups.${cfg.nbxplorer.group} = {}; users.users.${cfg.btcpayserver.user} = { + isSystemUser = true; group = cfg.btcpayserver.group; extraGroups = [ cfg.nbxplorer.group ] ++ optional (cfg.btcpayserver.lightningBackend == "clightning") cfg.clightning.user; diff --git a/modules/charge-lnd.nix b/modules/charge-lnd.nix index c926cee..b6cf8aa 100644 --- a/modules/charge-lnd.nix +++ b/modules/charge-lnd.nix @@ -133,8 +133,8 @@ in }; users.users.${user} = { - group = group; isSystemUser = true; + group = group; }; users.groups.${group} = {}; }; diff --git a/modules/clightning.nix b/modules/clightning.nix index 1fbff34..0cadfc3 100644 --- a/modules/clightning.nix +++ b/modules/clightning.nix @@ -140,6 +140,7 @@ in { }; users.users.${cfg.user} = { + isSystemUser = true; group = cfg.group; extraGroups = [ "bitcoinrpc-public" ]; }; diff --git a/modules/electrs.nix b/modules/electrs.nix index 53a20ad..880cc1a 100644 --- a/modules/electrs.nix +++ b/modules/electrs.nix @@ -106,6 +106,7 @@ in { }; users.users.${cfg.user} = { + isSystemUser = true; group = cfg.group; extraGroups = [ "bitcoinrpc-public" ] ++ optionals cfg.high-memory [ bitcoind.user ]; }; diff --git a/modules/joinmarket.nix b/modules/joinmarket.nix index bf5bac4..3dcb291 100644 --- a/modules/joinmarket.nix +++ b/modules/joinmarket.nix @@ -270,6 +270,7 @@ in { }; users.users.${cfg.user} = { + isSystemUser = true; group = cfg.group; home = cfg.dataDir; # Allow access to the tor control socket, needed for payjoin onion service creation diff --git a/modules/liquid.nix b/modules/liquid.nix index 215ef5f..7e375a7 100644 --- a/modules/liquid.nix +++ b/modules/liquid.nix @@ -240,6 +240,7 @@ in { }; users.users.${cfg.user} = { + isSystemUser = true; group = cfg.group; extraGroups = [ "bitcoinrpc-public" ]; }; diff --git a/modules/lnd.nix b/modules/lnd.nix index cf5fa9c..33bbce0 100644 --- a/modules/lnd.nix +++ b/modules/lnd.nix @@ -263,6 +263,7 @@ in { }; users.users.${cfg.user} = { + isSystemUser = true; group = cfg.group; extraGroups = [ "bitcoinrpc-public" ]; home = cfg.dataDir; # lnd creates .lnd dir in HOME diff --git a/modules/recurring-donations.nix b/modules/recurring-donations.nix index 68d48ab..377af6d 100644 --- a/modules/recurring-donations.nix +++ b/modules/recurring-donations.nix @@ -97,6 +97,7 @@ in { }; users.users.recurring-donations = { + isSystemUser = true; group = "recurring-donations"; extraGroups = [ config.services.clightning.group ]; }; diff --git a/modules/spark-wallet.nix b/modules/spark-wallet.nix index f9947ec..c305337 100644 --- a/modules/spark-wallet.nix +++ b/modules/spark-wallet.nix @@ -65,6 +65,7 @@ in { services.clightning.enable = true; users.users.${cfg.user} = { + isSystemUser = true; group = cfg.group; extraGroups = [ config.services.clightning.group ]; };