Lithospherical/nix-config
1
0
Fork 0
forked from jan-leila/nix-config
Code Pull requests Activity

moved user configuration to common

Browse source
This commit is contained in:
Leyla Becker 2024-09-22 00:46:27 -05:00
parent 94ac2d581d
commit 54ecd6d24b
5 changed files with 131 additions and 130 deletions
Download patch file Download diff file Expand all files Collapse all files

77
enviroments/common/default.nix
View file

@ -31,7 +31,82 @@
LC_TIME = "en_US.UTF-8"; LC_TIME = "en_US.UTF-8";
}; };
users.groups.users = {}; users = {
users = {
leyla = {
uid = 1000;
description = "Leyla";
group = "leyla";
};
ester = {
uid = 1001;
description = "Ester";
group = "ester";
};
eve = {
uid = 1002;
description = "Eve";
group = "eve";
};
jellyfin = {
uid = 2000;
group = "jellyfin";
isSystemUser = true;
};
forgejo = {
uid = 2002;
group = "forgejo";
isSystemUser = true;
};
# pihole = {
# uid = 2003;
# group = "forgejo";
# isSystemUser = true;
# };
};
groups = {
leyla = {
gid = 1000;
members = ["lelya"];
};
ester = {
gid = 1001;
members = ["ester"];
};
eve = {
gid = 1002;
members = ["eve"];
};
jellyfin = {
gid = 2000;
members = ["jellyfin" "leyla"];
};
jellyfin_media = {
gid = 2001;
members = ["jellyfin" "leyla" "ester" "eve"];
};
forgejo = {
gid = 2002;
members = ["forgejo" "leyla"];
};
# pihole = {
# gid = 2003;
# members = ["pihole" "leyla"];
# };
};
};
services = { services = {
openssh = { openssh = {

44
enviroments/server/default.nix
View file

@ -48,50 +48,6 @@
}; };
config = { config = {
users = {
groups = {
jellyfin = {
gid = 2000;
members = ["jellyfin" "leyla"];
};
jellyfin_media = {
gid = 2001;
members = ["jellyfin" "leyla" "ester" "eve"];
};
forgejo = {
gid = 2002;
members = ["forgejo" "leyla"];
};
# pihole = {
# gid = 2003;
# members = ["pihole" "leyla"];
# };
};
users = {
jellyfin = {
uid = 2000;
group = "jellyfin";
isSystemUser = true;
};
forgejo = {
uid = 2002;
group = "forgejo";
isSystemUser = true;
};
# pihole = {
# uid = 2003;
# group = "forgejo";
# isSystemUser = true;
# };
};
};
# virtualisation.oci-containers.containers.pihole = { # virtualisation.oci-containers.containers.pihole = {
# image = "pihole/pihole:latest"; # image = "pihole/pihole:latest";
# environment = { # environment = {

42
users/ester/default.nix
View file

@ -18,33 +18,23 @@ in {
}; };
}; };
users.groups.ester = {}; users.users.ester = (
if cfg.isFullUser
then {
isNormalUser = true;
extraGroups = ["networkmanager" "users"];
users.users.ester = lib.mkMerge [ hashedPasswordFile = config.sops.secrets."passwords/ester".path;
{
uid = 1001; packages = with pkgs; [
description = "Ester"; firefox
group = "ester"; bitwarden
discord
];
} }
else {
( isSystemUser = true;
if cfg.isFullUser }
then { );
isNormalUser = true;
extraGroups = ["networkmanager" "users"];
hashedPasswordFile = config.sops.secrets."passwords/ester".path;
packages = with pkgs; [
firefox
bitwarden
discord
];
}
else {
isSystemUser = true;
}
)
];
}; };
} }

46
users/eve/default.nix
View file

@ -18,35 +18,25 @@ in {
}; };
}; };
users.groups.eve = {}; users.users.eve = (
if cfg.isFullUser
then {
isNormalUser = true;
extraGroups = ["networkmanager" "users"];
users.users.eve = lib.mkMerge [ hashedPasswordFile = config.sops.secrets."passwords/eve".path;
{
uid = 1002; packages = with pkgs; [
description = "Eve"; firefox
group = "eve"; bitwarden
discord
makemkv
signal-desktop
];
} }
else {
( isSystemUser = true;
if cfg.isFullUser }
then { );
isNormalUser = true;
extraGroups = ["networkmanager" "users"];
hashedPasswordFile = config.sops.secrets."passwords/eve".path;
packages = with pkgs; [
firefox
bitwarden
discord
makemkv
signal-desktop
];
}
else {
isSystemUser = true;
}
)
];
}; };
} }

52
users/leyla/default.nix
View file

@ -24,40 +24,30 @@ in {
}; };
}; };
users.groups.leyla = {}; users.users.leyla = (
if (cfg.isFullUser || cfg.isThinUser)
then {
isNormalUser = true;
extraGroups = lib.mkMerge [
["networkmanager" "wheel" "users"]
(
lib.mkIf (!cfg.isThinUser) ["adbusers"]
)
];
users.users.leyla = lib.mkMerge [ hashedPasswordFile = config.sops.secrets."passwords/leyla".path;
{
uid = 1000;
description = "Leyla";
group = "leyla";
}
( openssh = {
if (cfg.isFullUser || cfg.isThinUser) authorizedKeys.keys = [
then { "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJHeItmt8TRW43uNcOC+eIurYC7Eunc0V3LGocQqLaYj leyla@horizon"
isNormalUser = true; "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKBiZkg1c2aaNHiieBX4cEziqvJVj9pcDfzUrKU/mO0I leyla@twilight"
extraGroups = lib.mkMerge [
["networkmanager" "wheel" "users"]
(
lib.mkIf (!cfg.isThinUser) ["adbusers"]
)
]; ];
};
hashedPasswordFile = config.sops.secrets."passwords/leyla".path; }
else {
openssh = { isSystemUser = true;
authorizedKeys.keys = [ }
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJHeItmt8TRW43uNcOC+eIurYC7Eunc0V3LGocQqLaYj leyla@horizon" );
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKBiZkg1c2aaNHiieBX4cEziqvJVj9pcDfzUrKU/mO0I leyla@twilight"
];
};
}
else {
isSystemUser = true;
}
)
];
# TODO: this should reference the home directory from the user config # TODO: this should reference the home directory from the user config
services.openssh.hostKeys = [ services.openssh.hostKeys = [