From 395fa586249d3af0dc5a6928d19175892cc0939d Mon Sep 17 00:00:00 2001
From: Chris Toph <toph@ryot.foo>
Date: Wed, 22 Jan 2025 17:23:32 -0500
Subject: [PATCH] Created ryot user group for pool users

---
 host/cloud/hardware.nix                 |  3 +++
 host/komodo/modules/forgejo/default.nix | 10 +++++++---
 nix/default.nix                         |  6 ++++++
 3 files changed, 16 insertions(+), 3 deletions(-)

diff --git a/host/cloud/hardware.nix b/host/cloud/hardware.nix
index 0ba809a..965186a 100644
--- a/host/cloud/hardware.nix
+++ b/host/cloud/hardware.nix
@@ -18,6 +18,9 @@
         "fsname=mergerfs"
         "category.create=mfs"
         "nonempty"
+        "uid=1000"
+        "gid=1004" # Ryot group
+        "umask=002"
       ];
     };
 
diff --git a/host/komodo/modules/forgejo/default.nix b/host/komodo/modules/forgejo/default.nix
index 17e7c95..56fe839 100644
--- a/host/komodo/modules/forgejo/default.nix
+++ b/host/komodo/modules/forgejo/default.nix
@@ -11,6 +11,7 @@
   services.forgejo = {
     enable = true;
 
+    group = "ryot";
     stateDir = "/pool/forgejo";
 
     # Settings
@@ -73,9 +74,12 @@
     };
   };
 
-  users.users.forgejo.openssh.authorizedKeys.keys = [
-    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIClZstYoT64zHnGfE7LMYNiQPN5/gmCt382lC+Ji8lrH PVE"
-  ];
+  users.users.forgejo = {
+    extraGroups = [ "ryot" ];
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIClZstYoT64zHnGfE7LMYNiQPN5/gmCt382lC+Ji8lrH PVE"
+    ];
+  };
 
   # Give admin group access to forgejo config
   users.users.${admin}.extraGroups = [ "forgejo" ];
diff --git a/nix/default.nix b/nix/default.nix
index 53f38fc..d0650c0 100644
--- a/nix/default.nix
+++ b/nix/default.nix
@@ -33,6 +33,12 @@ in
 
   ## USERS ##
   users.mutableUsers = false;
+  users.groups = {
+    ryot = {
+      gid = 1004;
+      members = [ "${admin}" ];
+    };
+  };
   users.users."${admin}" = {
     isNormalUser = true;
     createHome = true;