From 54ecd6d24b9a9c161663d772d6c330dcedc0de81 Mon Sep 17 00:00:00 2001 From: Leyla Becker Date: Sun, 22 Sep 2024 00:46:27 -0500 Subject: [PATCH] moved user configuration to common --- enviroments/common/default.nix | 77 +++++++++++++++++++++++++++++++++- enviroments/server/default.nix | 44 ------------------- users/ester/default.nix | 42 +++++++------------ users/eve/default.nix | 46 ++++++++------------ users/leyla/default.nix | 52 ++++++++++------------- 5 files changed, 131 insertions(+), 130 deletions(-) diff --git a/enviroments/common/default.nix b/enviroments/common/default.nix index 2152820..643240a 100644 --- a/enviroments/common/default.nix +++ b/enviroments/common/default.nix @@ -31,7 +31,82 @@ LC_TIME = "en_US.UTF-8"; }; - users.groups.users = {}; + users = { + users = { + leyla = { + uid = 1000; + description = "Leyla"; + group = "leyla"; + }; + + ester = { + uid = 1001; + description = "Ester"; + group = "ester"; + }; + + eve = { + uid = 1002; + description = "Eve"; + group = "eve"; + }; + + jellyfin = { + uid = 2000; + group = "jellyfin"; + isSystemUser = true; + }; + + forgejo = { + uid = 2002; + group = "forgejo"; + isSystemUser = true; + }; + + # pihole = { + # uid = 2003; + # group = "forgejo"; + # isSystemUser = true; + # }; + }; + + groups = { + leyla = { + gid = 1000; + members = ["lelya"]; + }; + + ester = { + gid = 1001; + members = ["ester"]; + }; + + eve = { + gid = 1002; + members = ["eve"]; + }; + + jellyfin = { + gid = 2000; + members = ["jellyfin" "leyla"]; + }; + + jellyfin_media = { + gid = 2001; + members = ["jellyfin" "leyla" "ester" "eve"]; + }; + + forgejo = { + gid = 2002; + members = ["forgejo" "leyla"]; + }; + + # pihole = { + # gid = 2003; + # members = ["pihole" "leyla"]; + # }; + }; + }; services = { openssh = { diff --git a/enviroments/server/default.nix b/enviroments/server/default.nix index defb37b..3b567eb 100644 --- a/enviroments/server/default.nix +++ b/enviroments/server/default.nix 
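Review bot: The new `leyla` group in enviroments/common/default.nix is declared with `members = ["lelya"];`, which looks like a transposition of the user name and should read `members = ["leyla"];`. The user's primary group is still set through `group = "leyla"`, so the typo may only surface as a stray name in the group's member list. Separately, the jellyfin, jellyfin_media and forgejo accounts and groups now sit in the common environment, so every host that imports it would get these service accounts and the human users' memberships in them, not only the server. If that is not intended, keep those entries in the server module or guard them with `lib.mkIf`.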
@@ -48,50 +48,6 @@ }; config = { - users = { - groups = { - jellyfin = { - gid = 2000; - members = ["jellyfin" "leyla"]; - }; - - jellyfin_media = { - gid = 2001; - members = ["jellyfin" "leyla" "ester" "eve"]; - }; - - forgejo = { - gid = 2002; - members = ["forgejo" "leyla"]; - }; - - # pihole = { - # gid = 2003; - # members = ["pihole" "leyla"]; - # }; - }; - - users = { - jellyfin = { - uid = 2000; - group = "jellyfin"; - isSystemUser = true; - }; - - forgejo = { - uid = 2002; - group = "forgejo"; - isSystemUser = true; - }; - - # pihole = { - # uid = 2003; - # group = "forgejo"; - # isSystemUser = true; - # }; - }; - }; - # virtualisation.oci-containers.containers.pihole = { # image = "pihole/pihole:latest"; # environment = { diff --git a/users/ester/default.nix b/users/ester/default.nix index a16b69b..e3ddc15 100644 --- a/users/ester/default.nix +++ b/users/ester/default.nix @@ -18,33 +18,23 @@ in { }; }; - users.groups.ester = {}; + users.users.ester = ( + if cfg.isFullUser + then { + isNormalUser = true; + extraGroups = ["networkmanager" "users"]; - users.users.ester = lib.mkMerge [ - { - uid = 1001; - description = "Ester"; - group = "ester"; + hashedPasswordFile = config.sops.secrets."passwords/ester".path; + + packages = with pkgs; [ + firefox + bitwarden + discord + ]; } - - ( - if cfg.isFullUser - then { - isNormalUser = true; - extraGroups = ["networkmanager" "users"]; - - hashedPasswordFile = config.sops.secrets."passwords/ester".path; - - packages = with pkgs; [ - firefox - bitwarden - discord - ]; - } - else { - isSystemUser = true; - } - ) - ]; + else { + isSystemUser = true; + } + ); }; } diff --git a/users/eve/default.nix b/users/eve/default.nix index 8ad6b61..32693c1 100644 --- a/users/eve/default.nix +++ b/users/eve/default.nix 
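Review bot: `users.users.ester` no longer sets `uid`, `description` or `group` in users/ester/default.nix and now depends on enviroments/common/default.nix being imported wherever this module is enabled; the eve and leyla hunks have the same dependency. On a host that uses this module without the common environment the account would lose its fixed uid and primary group, and evaluation may fail if NixOS requires `group` to be set. A comment above the assignment, such as `# uid, description and group are defined in enviroments/common/default.nix`, would record that coupling. With the `lib.mkMerge` list removed, the outer parentheses around the `if` expression are no longer needed.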
@@ -18,35 +18,25 @@ in { }; }; - users.groups.eve = {}; + users.users.eve = ( + if cfg.isFullUser + then { + isNormalUser = true; + extraGroups = ["networkmanager" "users"]; - users.users.eve = lib.mkMerge [ - { - uid = 1002; - description = "Eve"; - group = "eve"; + hashedPasswordFile = config.sops.secrets."passwords/eve".path; + + packages = with pkgs; [ + firefox + bitwarden + discord + makemkv + signal-desktop + ]; } - - ( - if cfg.isFullUser - then { - isNormalUser = true; - extraGroups = ["networkmanager" "users"]; - - hashedPasswordFile = config.sops.secrets."passwords/eve".path; - - packages = with pkgs; [ - firefox - bitwarden - discord - makemkv - signal-desktop - ]; - } - else { - isSystemUser = true; - } - ) - ]; + else { + isSystemUser = true; + } + ); }; } diff --git a/users/leyla/default.nix b/users/leyla/default.nix index 9454c2d..1934bd2 100644 --- a/users/leyla/default.nix +++ b/users/leyla/default.nix 
@@ -24,40 +24,30 @@ in { }; }; - users.groups.leyla = {}; + users.users.leyla = ( + if (cfg.isFullUser || cfg.isThinUser) + then { + isNormalUser = true; + extraGroups = lib.mkMerge [ + ["networkmanager" "wheel" "users"] + ( + lib.mkIf (!cfg.isThinUser) ["adbusers"] + ) + ]; - users.users.leyla = lib.mkMerge [ - { - uid = 1000; - description = "Leyla"; - group = "leyla"; - } + hashedPasswordFile = config.sops.secrets."passwords/leyla".path; - ( - if (cfg.isFullUser || cfg.isThinUser) - then { - isNormalUser = true; - extraGroups = lib.mkMerge [ - ["networkmanager" "wheel" "users"] - ( - lib.mkIf (!cfg.isThinUser) ["adbusers"] - ) + openssh = { + authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJHeItmt8TRW43uNcOC+eIurYC7Eunc0V3LGocQqLaYj leyla@horizon" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKBiZkg1c2aaNHiieBX4cEziqvJVj9pcDfzUrKU/mO0I leyla@twilight" ]; - - hashedPasswordFile = config.sops.secrets."passwords/leyla".path; - - openssh = { - authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJHeItmt8TRW43uNcOC+eIurYC7Eunc0V3LGocQqLaYj leyla@horizon" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKBiZkg1c2aaNHiieBX4cEziqvJVj9pcDfzUrKU/mO0I leyla@twilight" - ]; - }; - } - else { - isSystemUser = true; - } - ) - ]; + }; + } + else { + isSystemUser = true; + } + ); # TODO: this should reference the home directory from the user config services.openssh.hostKeys = [
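Review bot: The `then` branch in users/leyla/default.nix applies to both `cfg.isFullUser` and `cfg.isThinUser`, so a thin user still receives `wheel` membership and both `authorizedKeys.keys` entries; only `adbusers` is withheld. Nothing in the hunk states that this is the intended meaning of "thin", and it matters because these two keys then grant an admin-capable login on every host that enables either option. A comment above `extraGroups`, such as `# thin users keep wheel and SSH login; only adbusers is dropped`, would make that explicit. The hunk ends at `services.openssh.hostKeys = [`, whose list continues outside it.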