Merge pull request #315697 from pacien/nixos-stalwart-no-dynamicuser

nixos/stalwart-mail: do not use DynamicUser
author: Yt <raphael@megzari.com> 2024-05-30 21:27:34 +0000
committer: GitHub <noreply@github.com> 2024-05-30 21:27:34 +0000
commit: 782f9a832e7e3d14b61d371244c0356d5d31d821 (patch)
tree: e4d60a07351322b4c299ad2ee1989b133e1d5dc4 /nixos
parent: c4919065b12c7bebe82a999e9c3b9cff3ad67ef8 (diff)
parent: 6ee84bcda0a817434597dba0e5789cc8b7232d58 (diff)
1 files changed, 13 insertions, 1 deletions
diff --git a/nixos/modules/services/mail/stalwart-mail.nix b/nixos/modules/services/mail/stalwart-mail.nix
index 91ae78d7345e0..6b0d73be8a557 100644
--- a/nixos/modules/services/mail/stalwart-mail.nix
+++ b/nixos/modules/services/mail/stalwart-mail.nix
@@ -55,6 +55,18 @@ in {
       ];
     };
 
+    # This service stores a potentially large amount of data.
+    # Running it as a dynamic user would force chown to be run everytime the
+    # service is restarted on a potentially large number of files.
+    # That would cause unnecessary and unwanted delays.
+    users = {
+      groups.stalwart-mail = { };
+      users.stalwart-mail = {
+        isSystemUser = true;
+        group = "stalwart-mail";
+      };
+    };
+
     systemd.services.stalwart-mail = {
       wantedBy = [ "multi-user.target" ];
       after = [ "local-fs.target" "network.target" ];
@@ -78,8 +90,8 @@ in {
         StandardError = "journal";
         SyslogIdentifier = "stalwart-mail";
 
-        DynamicUser = true;
         User = "stalwart-mail";
+        Group = "stalwart-mail";
         StateDirectory = "stalwart-mail";
 
         # Bind standard privileged ports
author	Yt <raphael@megzari.com>	2024-05-30 21:27:34 +0000
committer	GitHub <noreply@github.com>	2024-05-30 21:27:34 +0000
commit	782f9a832e7e3d14b61d371244c0356d5d31d821 (patch)
tree	e4d60a07351322b4c299ad2ee1989b133e1d5dc4 /nixos
parent	c4919065b12c7bebe82a999e9c3b9cff3ad67ef8 (diff)
parent	6ee84bcda0a817434597dba0e5789cc8b7232d58 (diff)