diff --git a/modules/misc/ids.nix b/modules/misc/ids.nix index 91cfb88cebd2..5b545b799a25 100644 --- a/modules/misc/ids.nix +++ b/modules/misc/ids.nix @@ -82,6 +82,18 @@ in iodined = 66; graphite = 68; statsd = 69; + transmission = 70; + postgres = 71; + smbguest = 74; + varnish = 75; + dd-agent = 76; + lighttpd = 77; + lightdm = 78; + freenet = 79; + ircd = 80; + bacula = 81; + almir = 82; + deluge = 83; # When adding a uid, make sure it doesn't match an existing gid. @@ -147,6 +159,20 @@ in iodined = 66; libvirtd = 67; graphite = 68; + transmission = 70; + postgres = 71; + vboxusers = 72; + vboxsf = 73; + smbguest = 74; + varnish = 75; + dd-agent = 76; + lighttpd = 77; + lightdm = 78; + freenet = 79; + ircd = 80; + bacula = 81; + almir = 82; + deluge = 83; # When adding a gid, make sure it doesn't match an existing uid. diff --git a/modules/programs/virtualbox.nix b/modules/programs/virtualbox.nix index c2781edffb8a..2a2ca745e2f9 100644 --- a/modules/programs/virtualbox.nix +++ b/modules/programs/virtualbox.nix @@ -9,7 +9,7 @@ let virtualbox = config.boot.kernelPackages.virtualbox; in boot.extraModulePackages = [ virtualbox ]; environment.systemPackages = [ virtualbox ]; - users.extraGroups = singleton { name = "vboxusers"; }; + users.extraGroups.vboxusers.gid = config.ids.gids.vboxusers; services.udev.extraRules = '' diff --git a/modules/services/backup/almir.nix b/modules/services/backup/almir.nix index a4ebfff23892..d5bc932c6b96 100644 --- a/modules/services/backup/almir.nix +++ b/modules/services/backup/almir.nix @@ -161,10 +161,11 @@ in { users.extraUsers.almir = { group = "almir"; + uid = config.ids.uids.almir; createHome = true; shell = "${pkgs.bash}/bin/bash"; }; - users.extraGroups.almir = {}; + users.extraGroups.almir.gid = config.ids.gids.almir; }; } diff --git a/modules/services/backup/bacula.nix b/modules/services/backup/bacula.nix index 525df3400484..272903c99e33 100644 --- a/modules/services/backup/bacula.nix 
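Review bot: The uid table in the first ids.nix hunk jumps from `postgres = 71;` to `smbguest = 74;` with nothing marking 72 and 73 as taken, although the second hunk assigns those numbers to the `vboxusers` and `vboxsf` gids. The rule in the trailing comment ("make sure it doesn't match an existing gid") is enforced only by hand, so a later contributor could hand 72 or 73 to an unrelated account, which would then share a number with those groups. A placeholder comment between the two entries would prevent that, for example `# 72 and 73 are reserved: gids of vboxusers and vboxsf`. Both attribute sets start and end outside the hunks, so other gaps may exist that are not visible here.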
+++ b/modules/services/backup/bacula.nix @@ -396,12 +396,13 @@ in { users.extraUsers.bacula = { group = "bacula"; + uid = config.ids.uids.bacula; home = "${libDir}"; createHome = true; description = "Bacula Daemons user"; shell = "${pkgs.bash}/bin/bash"; }; - users.extraGroups.bacula = {}; + users.extraGroups.bacula.gid = config.ids.gids.bacula; }; } diff --git a/modules/services/databases/postgresql.nix b/modules/services/databases/postgresql.nix index de03fe1e46ee..fc6b5b167b88 100644 --- a/modules/services/databases/postgresql.nix +++ b/modules/services/databases/postgresql.nix @@ -154,13 +154,14 @@ in host all all ::1/128 md5 ''; - users.extraUsers = singleton + users.extraUsers.postgres = { name = "postgres"; + uid = config.ids.uids.postgres; + group = "postgres"; description = "PostgreSQL server user"; }; - users.extraGroups = singleton - { name = "postgres"; }; + users.extraGroups.postgres.gid = config.ids.gids.postgres; environment.systemPackages = [postgresql]; diff --git a/modules/services/monitoring/dd-agent.nix b/modules/services/monitoring/dd-agent.nix index 92e88c68d162..ef658523c1f3 100644 --- a/modules/services/monitoring/dd-agent.nix +++ b/modules/services/monitoring/dd-agent.nix @@ -46,12 +46,13 @@ in { users.extraUsers."dd-agent" = { description = "Datadog Agent User"; + uid = config.ids.uids.dd-agent; group = "dd-agent"; home = "/var/log/datadog/"; createHome = true; }; - users.extraGroups."dd-agent" = { }; + users.extraGroups.dd-agent.gid = config.ids.gids.dd-agent; systemd.services.dd-agent = { description = "Datadog agent monitor"; diff --git a/modules/services/network-filesystems/samba.nix b/modules/services/network-filesystems/samba.nix index 903e2c39ae9c..518142ba97b1 100644 --- a/modules/services/network-filesystems/samba.nix +++ b/modules/services/network-filesystems/samba.nix 
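Review bot: Pinning `uid = config.ids.uids.postgres;` in the postgresql.nix hunk leaves open what happens on a machine where the `postgres` account already exists under a different number. The removed `singleton` entry set no uid, so existing installs presumably have a dynamically allocated one. If the account is renumbered on upgrade, the service's on-disk state stays owned by the old number, the server loses access to it, and that number may later be given to a different account. A comment next to the new line or a release-note entry should tell operators to re-own existing state when switching. The same applies to the other hunks in this commit that pin ids for services with a home or state directory (almir, bacula, dd-agent, deluge, transmission, freenet). The enclosing config block starts outside the hunk.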
@@ -188,16 +188,13 @@ in } (mkIf config.services.samba.enable { - users.extraUsers = singleton - { name = user; - description = "Samba service user"; - group = group; - }; - - users.extraGroups = singleton - { name = group; - }; + users.extraUsers.smbguest = { + description = "Samba service user"; + group = group; + uid = config.ids.uids.smbguest; + }; + users.extraGroups.smbguest.gid = config.ids.uids.smbguest; systemd = { targets.samba = { diff --git a/modules/services/networking/freenet.nix b/modules/services/networking/freenet.nix index 314c690d7d42..a4bd2098986d 100644 --- a/modules/services/networking/freenet.nix +++ b/modules/services/networking/freenet.nix @@ -55,9 +55,10 @@ in description = "Freenet daemon user"; home = varDir; createHome = true; + uid = config.ids.uids.freenet; }; - users.extraGroups.freenet = {}; + users.extraGroups.freenet.gid = config.ids.gids.freenet; }; } diff --git a/modules/services/networking/ircd-hybrid/default.nix b/modules/services/networking/ircd-hybrid/default.nix index 99fe02db5db8..cd82a41ef7af 100644 --- a/modules/services/networking/ircd-hybrid/default.nix +++ b/modules/services/networking/ircd-hybrid/default.nix @@ -115,10 +115,11 @@ in users.extraUsers = singleton { name = "ircd"; description = "IRCD owner"; + group = "ircd"; + uid = config.ids.uids.ircd; }; - users.extraGroups = singleton - { name = "ircd"; }; + users.extraGroups.ircd.gid = config.ids.gids.ircd; jobs.ircd_hybrid = { name = "ircd-hybrid"; diff --git a/modules/services/system/dbus.nix b/modules/services/system/dbus.nix index 28647004ce4c..eab876be76d3 100644 --- a/modules/services/system/dbus.nix +++ b/modules/services/system/dbus.nix 
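Review bot: The group id on the new line `users.extraGroups.smbguest.gid = config.ids.uids.smbguest;` in the samba.nix hunk is read from the uid table instead of the gid table; it should be `users.extraGroups.smbguest.gid = config.ids.gids.smbguest;`. Both tables assign 74 in this commit, so the value is the same today, but a later change to either entry would silently give the group a number meant for something else, and group-based file permissions would follow it. The varnish hunk has the same slip (`users.extraGroups.varnish.gid = config.ids.uids.varnish;`). Separately, the account and group names are now the literal `smbguest` while `group = group;` still uses the variable. `user` and `group` are defined outside this hunk, so confirm they still evaluate to `smbguest`, otherwise the user's primary group is one this module no longer creates.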
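Review bot: In the ircd-hybrid hunk the user entry keeps the old `users.extraUsers = singleton { name = "ircd"; … };` form, while the group directly below it was converted to `users.extraGroups.ircd.gid = …`. The other modules in this commit (postgresql, dbus) convert both, so for consistency the user could be written as `users.extraUsers.ircd = { description = "IRCD owner"; group = "ircd"; uid = config.ids.uids.ircd; };`. The attribute form also lets other modules extend the `ircd` account by name. The surrounding config block begins outside the hunk.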
@@ -103,18 +103,14 @@ in target = "dbus-1"; }; - users.extraUsers = singleton - { name = "messagebus"; - uid = config.ids.uids.messagebus; - description = "D-Bus system message bus daemon user"; - home = homeDir; - group = "messagebus"; - }; + users.extraUsers.messagebus = { + uid = config.ids.uids.messagebus; + description = "D-Bus system message bus daemon user"; + home = homeDir; + group = "messagebus"; + }; - users.extraGroups = singleton - { name = "messagebus"; - gid = config.ids.gids.messagebus; - }; + users.extraGroups.messagebus.gid = config.ids.gids.messagebus; # FIXME: these are copied verbatim from the dbus source tree. We # should install and use the originals. diff --git a/modules/services/torrent/deluge.nix b/modules/services/torrent/deluge.nix index 12b61d39109b..e0c212e5661f 100644 --- a/modules/services/torrent/deluge.nix +++ b/modules/services/torrent/deluge.nix @@ -54,11 +54,12 @@ in { users.extraUsers.deluge = { group = "deluge"; + uid = config.ids.uids.deluge; home = "/var/lib/deluge/"; createHome = true; description = "Deluge Daemon user"; }; - users.extraGroups.deluge = {}; + users.extraGroups.deluge.gid = config.ids.gids.deluge; }; } diff --git a/modules/services/torrent/transmission.nix b/modules/services/torrent/transmission.nix index 4c989f09fea6..063332d48628 100644 --- a/modules/services/torrent/transmission.nix +++ b/modules/services/torrent/transmission.nix @@ -129,12 +129,13 @@ in users.extraUsers.transmission = { group = "transmission"; + uid = config.ids.uids.transmission; description = "Transmission BitTorrent user"; home = homeDir; createHome = true; }; - users.extraGroups.transmission = {}; + users.extraGroups.transmission.gid = config.ids.gids.transmission; # AppArmor profile security.apparmor.profiles = mkIf (config.security.apparmor.enable && cfg.apparmor) [ diff --git a/modules/services/web-servers/lighttpd/default.nix b/modules/services/web-servers/lighttpd/default.nix index f1099ef599f4..f9e40fc4b541 100644 
--- a/modules/services/web-servers/lighttpd/default.nix +++ b/modules/services/web-servers/lighttpd/default.nix @@ -170,8 +170,9 @@ in users.extraUsers.lighttpd = { group = "lighttpd"; description = "lighttpd web server privilege separation user"; + uid = config.ids.uids.lighttpd; }; - users.extraGroups.lighttpd = {}; + users.extraGroups.lighttpd.gid = config.ids.gids.lighttpd; }; } diff --git a/modules/services/web-servers/varnish/default.nix b/modules/services/web-servers/varnish/default.nix index 66ec978bac8e..39de73213ce1 100644 --- a/modules/services/web-servers/varnish/default.nix +++ b/modules/services/web-servers/varnish/default.nix @@ -47,8 +47,9 @@ with pkgs.lib; users.extraUsers.varnish = { group = "varnish"; + uid = config.ids.uids.varnish; }; - users.extraGroups.varnish = {}; + users.extraGroups.varnish.gid = config.ids.uids.varnish; }; } diff --git a/modules/virtualisation/virtualbox-guest.nix b/modules/virtualisation/virtualbox-guest.nix index 262afae2cf6e..75c5349e0c26 100644 --- a/modules/virtualisation/virtualbox-guest.nix +++ b/modules/virtualisation/virtualbox-guest.nix @@ -38,7 +38,7 @@ optionalAttrs (pkgs.stdenv.isi686 || pkgs.stdenv.isx86_64) # ugly... boot.extraModulePackages = [ kernel.virtualboxGuestAdditions ]; - users.extraGroups = singleton { name = "vboxsf"; }; + users.extraGroups.vboxsf.gid = config.ids.gids.vboxsf; jobs.virtualbox = { description = "VirtualBox Guest Services";