Commit 91f2af0fcb54

Vincent Demeester <vincent@sbr.pm>
2026-01-14 09:40:47
fix(harmonia): run builder service as vincent user
The builder service was running as root but accessing a git repository owned by vincent, which caused git to reject operations due to dubious ownership checks (git 2.35.2+). Changed the service user from root to vincent since: - The flake repository is owned by vincent - Building doesn't require root privileges - Better security practice to run with least privilege Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
main
1 parent 57b8aaa
Changed files (1)
modules
harmonia
default.nix
modules/harmonia/default.nix
@@ -162,7 +162,7 @@ in
 
         serviceConfig = {
           Type = "oneshot";
-          User = "root";
+          User = "vincent";
           # Set a reasonable timeout (2 hours)
           TimeoutStartSec = "2h";
         };