hydra icon indicating copy to clipboard operation
hydra copied to clipboard

Published 20 hours ago verified publisher icon NixOS

Declarative admin user?

Open DieracDelta opened this issue 4 years ago • 6 comments

Is it possible to create a hydra admin user declaratively? I'm not seeing any options for it.

DieracDelta avatar May 04 '21 13:05 DieracDelta

You can use LDAP. The groups are mapped. That's what we do, but if you're not already running LDAP, that's probably overkill.

ajs124 avatar May 04 '21 14:05 ajs124

What is LDAP?

DieracDelta avatar May 04 '21 16:05 DieracDelta

https://en.wikipedia.org/wiki/Lightweight_Directory_Access_Protocol

dasJ avatar May 09 '21 20:05 dasJ

It's not "truly" declarative, but you could write a systemd service to create a user:

{ config, pkgs, ... }: {
  systemd.services.configure-hydra-user = {
    wantedBy = ["multi-user.target"];
    requires = ["postgresql.service"];
    after = ["postgresql.service"];
    script = ''
      ${config.services.hydra.package}/bin/hydra-create-user admin --password "$(</var/secrets/hydra-admin-password)" --role admin
    '';
  };
}

lheckemann avatar May 15 '21 10:05 lheckemann

Close enough: https://search.nixos.org/options?channel=21.05&show=services.openldap.declarativeContents&from=0&size=50&sort=relevance&query=openldap

dasJ avatar Jun 16 '21 16:06 dasJ

It's not "truly" declarative, but you could write a systemd service to create a user:

{ config, pkgs, ... }: {
  systemd.services.configure-hydra-user = {
    wantedBy = ["multi-user.target"];
    requires = ["postgresql.service"];
    after = ["postgresql.service"];
    script = ''
      ${config.services.hydra.package}/bin/hydra-create-user admin --password "$(</var/secrets/hydra-admin-password)" --role admin
    '';
  };
}

Is this still a viable solution?

malikwirin avatar Nov 25 '24 10:11 malikwirin