diff --git a/src/rootcell/providers/aws-ec2-terraform.ts b/src/rootcell/providers/aws-ec2-terraform.ts
index b8eaffe..546b9fc 100644
--- a/src/rootcell/providers/aws-ec2-terraform.ts
+++ b/src/rootcell/providers/aws-ec2-terraform.ts
@@ -489,10 +489,14 @@ if ! getent group users >/dev/null 2>&1; then
 groupadd -r users
 fi
 
+if ! getent group docker >/dev/null 2>&1; then
+ groupadd -r docker
+fi
+
 if ! id -u "$user" >/dev/null 2>&1; then
- useradd -m -u 501 -g users -G wheel -s /run/current-system/sw/bin/bash "$user"
+ useradd -m -u 501 -g users -G wheel,docker -s /run/current-system/sw/bin/bash "$user"
 else
- usermod -a -G wheel "$user"
+ usermod -a -G wheel,docker "$user"
 mkdir -p "$home"
 chown "$user:users" "$home"
 fi
diff --git a/src/rootcell/rootcell.test.ts b/src/rootcell/rootcell.test.ts
index 77e57fe..622ead1 100644
--- a/src/rootcell/rootcell.test.ts
+++ b/src/rootcell/rootcell.test.ts
@@ -1510,6 +1510,9 @@ describe("VM and network providers", () => {
 expect(hcl).toContain("data \"aws_ami\" \"nixos_arm64\"");
 expect(hcl).toContain('values = ["arm64"]');
 expect(hcl).toContain("user_data = local.rootcell_bootstrap_user_data");
+ expect(hcl).toContain("groupadd -r docker");
+ expect(hcl).toContain("useradd -m -u 501 -g users -G wheel,docker");
+ expect(hcl).toContain("usermod -a -G wheel,docker");
 expect(hcl).not.toContain(" network_interface {");
 expect(hcl).not.toContain("aws_s3_object");
 expect(hcl).not.toContain("aws_ebs_snapshot_import");
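Review bot: Putting the login user in the `docker` group (the `useradd ... -G wheel,docker` and `usermod -a -G wheel,docker` lines in aws-ec2-terraform.ts) gives that account root-equivalent control of the instance through the Docker socket once a daemon is running, and unlike `wheel` it goes through no sudo policy or audit trail. Nothing in the hunk records that this is intended, so I would add a comment above the new `getent group docker` check, for example `# docker group membership is root-equivalent via the daemon socket; granted on purpose so the login user can run containers without sudo`, or gate the membership behind a provider option if not every cell needs it. `groupadd -r docker` also takes a dynamically assigned system GID; if the NixOS configuration later declares its own docker group with a fixed gid the two may disagree, which is worth confirming. The bootstrap script starts and ends outside this hunk.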
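Review bot: The three new `toContain` checks in rootcell.test.ts pin the commands but not the `getent group docker` guard around `groupadd`, so a later edit that drops the guard would still pass. Since `groupadd` exits non-zero when the group already exists, that could break a re-run of the bootstrap, depending on how the script handles errors. Adding `expect(hcl).toContain("if ! getent group docker >/dev/null 2>&1; then");` next to them would cover it. The enclosing test case starts and ends outside the hunk.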