removed users from common

removed common hardware
Leyla Becker 2024-11-24 00:47:36 -06:00
parent d6cccdc41b
commit ddc087a548
22 changed files with 400 additions and 420 deletions


@ -1,11 +1,5 @@
{
pkgs,
lib,
...
}: {
imports = [
./users
];
{pkgs, ...}: {
imports = [];
nix = {
settings = {
@ -40,124 +34,6 @@
LC_TIME = "en_US.UTF-8";
};
users = {
users = {
leyla = {
uid = 1000;
description = "Leyla";
group = "leyla";
home = "/home/leyla";
};
ester = {
uid = 1001;
description = "Ester";
group = "ester";
home = "/home/ester";
};
eve = {
uid = 1002;
description = "Eve";
group = "eve";
home = "/home/eve";
};
jellyfin = {
uid = 2000;
group = "jellyfin";
isSystemUser = true;
};
forgejo = {
uid = 2002;
group = "forgejo";
isSystemUser = true;
};
pihole = {
uid = 2003;
group = "pihole";
isSystemUser = true;
};
hass = {
uid = lib.mkForce 2004;
group = "hass";
isSystemUser = true;
};
headscale = {
uid = 2005;
group = "headscale";
isSystemUser = true;
};
nextcloud = {
uid = 2006;
group = "nextcloud";
isSystemUser = true;
};
};
groups = {
leyla = {
gid = 1000;
members = ["lelya"];
};
ester = {
gid = 1001;
members = ["ester"];
};
eve = {
gid = 1002;
members = ["eve"];
};
users = {
gid = 100;
members = ["leyla" "ester" "eve"];
};
jellyfin = {
gid = 2000;
members = ["jellyfin" "leyla"];
};
jellyfin_media = {
gid = 2001;
members = ["jellyfin" "leyla" "ester" "eve"];
};
forgejo = {
gid = 2002;
members = ["forgejo" "leyla"];
};
pihole = {
gid = 2003;
members = ["pihole" "leyla"];
};
hass = {
gid = lib.mkForce 2004;
members = ["hass" "leyla"];
};
headscale = {
gid = 2005;
members = ["headscale"];
};
nextcloud = {
gid = 2006;
members = ["nextcloud"];
};
};
};
services = {
automatic-timezoned = {
enable = true;
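Review bot: After the first hunk the common module no longer imports `./users`, so a host that imports only common loses the declarative account setup, including the fixed uid/gid assignments removed in the second hunk and the `users.mutableUsers = false` line in a file deleted further down this page. The replacement location is not visible here; it is worth confirming that it still sets `users.mutableUsers = false` and the sops-backed `hashedPasswordFile` entries, because NixOS defaults `users.mutableUsers` to true and accounts would then be changeable at runtime. If the group definitions were moved verbatim, `members = ["lelya"]` on the removed `leyla` group looks like a typo for `"leyla"` and should be corrected in the new file. The leftover `imports = [];` in the first hunk is a no-op and can be dropped.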


@ -1,9 +0,0 @@
{...}: {
imports = [
./leyla
./ester
./eve
];
users.mutableUsers = false;
}


@ -1,36 +0,0 @@
{
lib,
config,
inputs,
...
}: let
cfg = config.nixos.users.ester;
in {
options.nixos.users.ester = {
isDesktopUser = lib.mkEnableOption "install applications intended for desktop use";
};
config = {
nixpkgs.config.allowUnfree = true;
sops.secrets = lib.mkIf cfg.isDesktopUser {
"passwords/ester" = {
neededForUsers = true;
sopsFile = "${inputs.secrets}/user-passwords.yaml";
};
};
users.users.ester = (
if cfg.isDesktopUser
then {
isNormalUser = true;
extraGroups = ["networkmanager"];
hashedPasswordFile = config.sops.secrets."passwords/ester".path;
}
else {
isSystemUser = true;
}
);
};
}


@ -1,36 +0,0 @@
{
lib,
config,
inputs,
...
}: let
cfg = config.nixos.users.eve;
in {
options.nixos.users.eve = {
isDesktopUser = lib.mkEnableOption "install applications intended for desktop use";
};
config = {
nixpkgs.config.allowUnfree = true;
sops.secrets = lib.mkIf cfg.isDesktopUser {
"passwords/eve" = {
neededForUsers = true;
sopsFile = "${inputs.secrets}/user-passwords.yaml";
};
};
users.users.eve = (
if cfg.isDesktopUser
then {
isNormalUser = true;
extraGroups = ["networkmanager"];
hashedPasswordFile = config.sops.secrets."passwords/eve".path;
}
else {
isSystemUser = true;
}
);
};
}


@ -1,78 +0,0 @@
{
lib,
config,
inputs,
...
}: let
cfg = config.nixos.users.leyla;
in {
options.nixos.users.leyla = {
isDesktopUser = lib.mkEnableOption "install applications intended for desktop use";
isTerminalUser = lib.mkEnableOption "install applications intended for terminal use";
hasGPU = lib.mkEnableOption "installs gpu intensive programs";
};
config = {
nixpkgs.config.allowUnfree = true;
sops.secrets = lib.mkIf (cfg.isDesktopUser || cfg.isTerminalUser) {
"passwords/leyla" = {
neededForUsers = true;
sopsFile = "${inputs.secrets}/user-passwords.yaml";
};
};
users.users.leyla = (
if (cfg.isDesktopUser || cfg.isTerminalUser)
then {
isNormalUser = true;
extraGroups = (
["networkmanager" "wheel" "dialout"]
++ lib.lists.optional (!cfg.isTerminalUser) "adbusers"
);
hashedPasswordFile = config.sops.secrets."passwords/leyla".path;
openssh = {
authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJHeItmt8TRW43uNcOC+eIurYC7Eunc0V3LGocQqLaYj leyla@horizon"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKBiZkg1c2aaNHiieBX4cEziqvJVj9pcDfzUrKU/mO0I leyla@twilight"
];
};
}
else {
isSystemUser = true;
}
);
services = {
# ollama = {
# enable = cfg.hasGPU;
# acceleration = "cuda";
# };
# TODO: this should reference the home directory from the user config
openssh.hostKeys = [
{
comment = "leyla@" + config.networking.hostName;
path = "/home/leyla/.ssh/leyla_" + config.networking.hostName + "_ed25519";
rounds = 100;
type = "ed25519";
}
];
};
programs = {
steam = lib.mkIf cfg.isDesktopUser {
enable = true;
remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated ServerServer
localNetworkGameTransfers.openFirewall = true; # Open ports in the firewall for Steam Local Network Game Transfers
};
noisetorch.enable = cfg.isDesktopUser;
adb.enable = cfg.isDesktopUser;
};
};
}