From 2d055bb37a6cb7c47af78fd165322477a86c3e9f Mon Sep 17 00:00:00 2001
From: Aaron Andersen <aaron@fosslib.net>
Date: Fri, 4 Feb 2022 16:44:00 -0500
Subject: [PATCH] nixos/cfssl: minor updates/cleanup

---
 nixos/modules/services/security/cfssl.nix | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/nixos/modules/services/security/cfssl.nix b/nixos/modules/services/security/cfssl.nix
index 9d4092d8814a..6df2343b84d2 100644
--- a/nixos/modules/services/security/cfssl.nix
+++ b/nixos/modules/services/security/cfssl.nix
@@ -31,7 +31,7 @@ in {
 
     port = mkOption {
       default = 8888;
-      type = types.ints.u16;
+      type = types.port;
       description = "Port to bind.";
     };
 
@@ -156,11 +156,11 @@ in {
   };
 
   config = mkIf cfg.enable {
-    users.extraGroups.cfssl = {
+    users.groups.cfssl = {
       gid = config.ids.gids.cfssl;
     };
 
-    users.extraUsers.cfssl = {
+    users.users.cfssl = {
       description = "cfssl user";
       home = cfg.dataDir;
       group = "cfssl";
@@ -177,6 +177,7 @@ in {
           WorkingDirectory = cfg.dataDir;
           Restart = "always";
           User = "cfssl";
+          Group = "cfssl";
 
           ExecStart = with cfg; let
             opt = n: v: optionalString (v != null) ''-${n}="${v}"'';