Pin mcp user UID/GID to 850

UID 995 conflicted with sshd on orion. Pin to 850 (the 800-899 range is unused on all nodes and well below NixOS auto-assign range). Pin GID to 850 as well for consistency. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-03 01:38:45 -07:00
parent 53addc0ed1
commit 5a381d314e
1 changed files with 3 additions and 2 deletions
--- a/configs/mcp.nix
+++ b/configs/mcp.nix
@@ -7,6 +7,7 @@
 {
  users.users.mcp = {
    isSystemUser = true;
+    uid = 850; # Pinned to avoid auto-assign conflicts (800-899 range is unused on all nodes).
    group = "mcp";
    home = "/srv/mcp";
    shell = pkgs.shadow; # nologin equivalent
@@ -16,7 +17,7 @@
    linger = true;
  };

-  users.groups.mcp = {};
+  users.groups.mcp = { gid = 850; };

  # MCP Master runs as an MCP-managed container (not a systemd service).
  # Deployed via: mcp deploy mcp-master --direct
@@ -38,7 +39,7 @@
      Group = "mcp";
      Environment = [
        "HOME=/srv/mcp"
-        "XDG_RUNTIME_DIR=/run/user/%U"
+        "XDG_RUNTIME_DIR=/run/user/850"
        "PATH=/run/current-system/sw/bin:/usr/local/bin"
      ];