Lithospherical/nix-config
1
0
Fork 0
forked from jan-leila/nix-config
Code Pull requests Activity

added users that can be disabled

Browse source
This commit is contained in:
Leyla Becker 2024-03-10 17:26:25 -05:00
parent 9418b91b4d
commit eda1db9136
6 changed files with 193 additions and 94 deletions
Download patch file Download diff file Expand all files Collapse all files

5
hosts/horizon/configuration.nix
View file

@ -1,6 +1,5 @@
# leyla laptop
{ config, pkgs, inputs, ... }:
{
imports =
[
@ -17,6 +16,10 @@
sops.age.keyFile = "/home/leyla/.config/sops/age/keys.txt";
users.leyla.isNormalUser = true;
users.ester.isNormalUser = true;
users.eve.isNormalUser = true;
# Bootloader.
boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true;

2
users/default.nix
View file

@ -1,6 +1,6 @@
{ ... }:
{
imports = [ ./leyla ./ester ./eve ];
imports = [ ./leyla ./ester ./eve ./remote ];
users.mutableUsers = false;
}

30
users/ester/default.nix
View file

@ -1,15 +1,32 @@
{ lib, config, pkgs, ... }:
let
cfg = config.users.ester;
in
{
sops.secrets."passwords/ester" = {
options.users.ester = {
isNormalUser = lib.mkEnableOption "ester";
};
config = {
sops.secrets = lib.mkIf cfg.isNormalUser {
"passwords/ester" = {
neededForUsers = true;
# sopsFile = ../secrets.yaml;
};
};
# Define user accounts
users.users.ester = {
isNormalUser = true;
users.groups.ester = {};
users.users.ester = lib.mkMerge [
{
uid = 1001;
description = "Ester";
group = "ester";
}
(
if cfg.isNormalUser then {
isNormalUser = true;
extraGroups = [ "networkmanager" ];
hashedPasswordFile = config.sops.secrets."passwords/ester".path;
@ -19,5 +36,10 @@
bitwarden
discord
];
} else {
isSystemUser = true;
}
)
];
};
}

30
users/eve/default.nix
View file

@ -1,15 +1,32 @@
{ lib, config, pkgs, ... }:
let
cfg = config.users.eve;
in
{
sops.secrets."passwords/eve" = {
options.users.eve = {
isNormalUser = lib.mkEnableOption "eve";
};
config = {
sops.secrets = lib.mkIf cfg.isNormalUser {
"passwords/eve" = {
neededForUsers = true;
# sopsFile = ../secrets.yaml;
};
};
# Define user accounts
users.users.eve = {
isNormalUser = true;
users.groups.eve = {};
users.users.eve = lib.mkMerge [
{
uid = 1002;
description = "Eve";
group = "eve";
}
(
if cfg.isNormalUser then {
isNormalUser = true;
extraGroups = [ "networkmanager" ];
hashedPasswordFile = config.sops.secrets."passwords/eve".path;
@ -21,5 +38,10 @@
makemkv
signal-desktop
];
} else {
isSystemUser = true;
}
)
];
};
}

30
users/leyla/default.nix
View file

@ -1,15 +1,32 @@
{ lib, config, pkgs, ... }:
let
cfg = config.users.leyla;
in
{
sops.secrets."passwords/leyla" = {
options.users.leyla = {
isNormalUser = lib.mkEnableOption "leyla";
};
config = {
sops.secrets = lib.mkIf cfg.isNormalUser {
"passwords/leyla" = {
neededForUsers = true;
# sopsFile = ../secrets.yaml;
};
};
# Define user accounts
users.users.leyla = {
isNormalUser = true;
users.groups.leyla = {};
users.users.leyla = lib.mkMerge [
{
uid = 1000;
description = "Leyla";
group = "leyla";
}
(
if cfg.isNormalUser then {
isNormalUser = true;
extraGroups = [ "networkmanager" "wheel" ];
hashedPasswordFile = config.sops.secrets."passwords/leyla".path;
@ -65,5 +82,10 @@
# DS Emulator
desmume
];
} else {
isSystemUser = true;
}
)
];
};
}

30
users/remote/default.nix Normal file
View file

@ -0,0 +1,30 @@
{ lib, config, ... }:
let
cfg = config.users.remote;
in
{
options.users.remote = {
isNormalUser = lib.mkEnableOption "remote";
};
config.users = {
groups.remote = {};
users.remote = lib.mkMerge [
{
uid = 2000;
group = "remote";
}
(
if cfg.isNormalUser then {
# extraGroups = [ "wheel" ];
isNormalUser = true;
openssh.authorizedKeys.keys = [];
} else {
isSystemUser = true;
}
)
];
};
}