kyle/imladris
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Pin mcp user UID/GID to 850

Browse Source 
UID 995 conflicted with sshd on orion. Pin to 850 (the 800-899 range
is unused on all nodes and well below NixOS auto-assign range).
Pin GID to 850 as well for consistency.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Kyle Isom
2026-04-03 01:38:45 -07:00
parent 53addc0ed1
commit 5a381d314e
1 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
configs/mcp.nix
View File

@@ -7,6 +7,7 @@
{ {
users.users.mcp = { users.users.mcp = {
isSystemUser = true; isSystemUser = true;
uid = 850; # Pinned to avoid auto-assign conflicts (800-899 range is unused on all nodes).
group = "mcp"; group = "mcp";
home = "/srv/mcp"; home = "/srv/mcp";
shell = pkgs.shadow; # nologin equivalent shell = pkgs.shadow; # nologin equivalent
@@ -16,7 +17,7 @@
linger = true; linger = true;
}; };
users.groups.mcp = {}; users.groups.mcp = { gid = 850; };
# MCP Master runs as an MCP-managed container (not a systemd service). # MCP Master runs as an MCP-managed container (not a systemd service).
# Deployed via: mcp deploy mcp-master --direct # Deployed via: mcp deploy mcp-master --direct
@@ -38,7 +39,7 @@
Group = "mcp"; Group = "mcp";
Environment = [ Environment = [
"HOME=/srv/mcp" "HOME=/srv/mcp"
"XDG_RUNTIME_DIR=/run/user/%U" "XDG_RUNTIME_DIR=/run/user/850"
"PATH=/run/current-system/sw/bin:/usr/local/bin" "PATH=/run/current-system/sw/bin:/usr/local/bin"
]; ];