jan-leila/nix-config
1
0
Fork 1
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

restructured project to split out home manager

Browse source
This commit is contained in:
Leyla Becker 2024-11-22 00:51:10 -06:00
parent c8e7944da5
commit 18f51a65c2
24 changed files with 421 additions and 254 deletions
Download patch file Download diff file Expand all files Collapse all files

9
enviroments/common/users/default.nix Normal file
View file

@ -0,0 +1,9 @@
{...}: {
imports = [
./leyla
./ester
./eve
];
users.mutableUsers = false;
}

36
enviroments/common/users/ester/default.nix Normal file
View file

@ -0,0 +1,36 @@
{
lib,
config,
inputs,
...
}: let
cfg = config.nixos.users.ester;
in {
options.nixos.users.ester = {
isDesktopUser = lib.mkEnableOption "install applications intended for desktop use";
};
config = {
nixpkgs.config.allowUnfree = true;
sops.secrets = lib.mkIf cfg.isDesktopUser {
"passwords/ester" = {
neededForUsers = true;
sopsFile = "${inputs.secrets}/user-passwords.yaml";
};
};
users.users.ester = (
if cfg.isDesktopUser
then {
isNormalUser = true;
extraGroups = ["networkmanager"];
hashedPasswordFile = config.sops.secrets."passwords/ester".path;
}
else {
isSystemUser = true;
}
);
};
}

36
enviroments/common/users/eve/default.nix Normal file
View file

@ -0,0 +1,36 @@
{
lib,
config,
inputs,
...
}: let
cfg = config.nixos.users.eve;
in {
options.nixos.users.eve = {
isDesktopUser = lib.mkEnableOption "install applications intended for desktop use";
};
config = {
nixpkgs.config.allowUnfree = true;
sops.secrets = lib.mkIf cfg.isDesktopUser {
"passwords/eve" = {
neededForUsers = true;
sopsFile = "${inputs.secrets}/user-passwords.yaml";
};
};
users.users.eve = (
if cfg.isDesktopUser
then {
isNormalUser = true;
extraGroups = ["networkmanager"];
hashedPasswordFile = config.sops.secrets."passwords/eve".path;
}
else {
isSystemUser = true;
}
);
};
}

78
enviroments/common/users/leyla/default.nix Normal file
View file

@ -0,0 +1,78 @@
{
lib,
config,
inputs,
...
}: let
cfg = config.nixos.users.leyla;
in {
options.nixos.users.leyla = {
isDesktopUser = lib.mkEnableOption "install applications intended for desktop use";
isTerminalUser = lib.mkEnableOption "install applications intended for terminal use";
hasGPU = lib.mkEnableOption "installs gpu intensive programs";
};
config = {
nixpkgs.config.allowUnfree = true;
sops.secrets = lib.mkIf (cfg.isDesktopUser || cfg.isTerminalUser) {
"passwords/leyla" = {
neededForUsers = true;
sopsFile = "${inputs.secrets}/user-passwords.yaml";
};
};
users.users.leyla = (
if (cfg.isDesktopUser || cfg.isTerminalUser)
then {
isNormalUser = true;
extraGroups = (
["networkmanager" "wheel" "dialout"]
++ lib.lists.optional (!cfg.isTerminalUser) "adbusers"
);
hashedPasswordFile = config.sops.secrets."passwords/leyla".path;
openssh = {
authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJHeItmt8TRW43uNcOC+eIurYC7Eunc0V3LGocQqLaYj leyla@horizon"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKBiZkg1c2aaNHiieBX4cEziqvJVj9pcDfzUrKU/mO0I leyla@twilight"
];
};
}
else {
isSystemUser = true;
}
);
services = {
# ollama = {
# enable = cfg.hasGPU;
# acceleration = "cuda";
# };
# TODO: this should reference the home directory from the user config
openssh.hostKeys = [
{
comment = "leyla@" + config.networking.hostName;
path = "/home/leyla/.ssh/leyla_" + config.networking.hostName + "_ed25519";
rounds = 100;
type = "ed25519";
}
];
};
programs = {
steam = lib.mkIf cfg.isDesktopUser {
enable = true;
remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play
dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated ServerServer
localNetworkGameTransfers.openFirewall = true; # Open ports in the firewall for Steam Local Network Game Transfers
};
noisetorch.enable = cfg.isDesktopUser;
adb.enable = cfg.isDesktopUser;
};
};
}