From ddc087a5480811c1644ab6c380ea882d3a721c5c Mon Sep 17 00:00:00 2001 From: Leyla Becker Date: Sun, 24 Nov 2024 00:47:36 -0600 Subject: [PATCH] removed users from common removed common hardware --- enviroments/common/default.nix | 128 +---------- enviroments/common/users/default.nix | 9 - enviroments/common/users/ester/default.nix | 36 --- enviroments/common/users/eve/default.nix | 36 --- enviroments/common/users/leyla/default.nix | 78 ------- homes/default.nix | 12 +- homes/ester/default.nix | 4 +- homes/eve/default.nix | 4 +- homes/leyla/default.nix | 2 +- homes/leyla/firefox.nix | 6 +- homes/leyla/packages.nix | 128 ++++++----- homes/leyla/vscode.nix | 8 +- hosts/defiant/configuration.nix | 16 +- hosts/defiant/hardware-configuration.nix | 1 - hosts/hardware-common.nix | 15 -- hosts/horizon/configuration.nix | 37 +-- hosts/horizon/hardware-configuration.nix | 1 - hosts/twilight/configuration.nix | 25 ++- hosts/twilight/hardware-configuration.nix | 5 - modules/hardware.nix | 16 ++ modules/users.nix | 249 +++++++++++++++++++++ util/default.nix | 4 +- 22 files changed, 400 insertions(+), 420 deletions(-) delete mode 100644 enviroments/common/users/default.nix delete mode 100644 enviroments/common/users/ester/default.nix delete mode 100644 enviroments/common/users/eve/default.nix delete mode 100644 enviroments/common/users/leyla/default.nix delete mode 100644 hosts/hardware-common.nix create mode 100644 modules/hardware.nix create mode 100644 modules/users.nix diff --git a/enviroments/common/default.nix b/enviroments/common/default.nix index cd8d588..e2c9e40 100644 --- a/enviroments/common/default.nix +++ b/enviroments/common/default.nix @@ -1,11 +1,5 @@ -{ - pkgs, - lib, - ... -}: { - imports = [ - ./users - ]; +{pkgs, ...}: { + imports = []; nix = { settings = { @@ -40,124 +34,6 @@ LC_TIME = "en_US.UTF-8"; }; - users = { - users = { - leyla = { - uid = 1000; - description = "Leyla"; - group = "leyla"; - home = "/home/leyla"; - }; - - ester = { - uid = 1001; - description = "Ester"; - group = "ester"; - home = "/home/ester"; - }; - - eve = { - uid = 1002; - description = "Eve"; - group = "eve"; - home = "/home/eve"; - }; - - jellyfin = { - uid = 2000; - group = "jellyfin"; - isSystemUser = true; - }; - - forgejo = { - uid = 2002; - group = "forgejo"; - isSystemUser = true; - }; - - pihole = { - uid = 2003; - group = "pihole"; - isSystemUser = true; - }; - - hass = { - uid = lib.mkForce 2004; - group = "hass"; - isSystemUser = true; - }; - - headscale = { - uid = 2005; - group = "headscale"; - isSystemUser = true; - }; - - nextcloud = { - uid = 2006; - group = "nextcloud"; - isSystemUser = true; - }; - }; - - groups = { - leyla = { - gid = 1000; - members = ["lelya"]; - }; - - ester = { - gid = 1001; - members = ["ester"]; - }; - - eve = { - gid = 1002; - members = ["eve"]; - }; - - users = { - gid = 100; - members = ["leyla" "ester" "eve"]; - }; - - jellyfin = { - gid = 2000; - members = ["jellyfin" "leyla"]; - }; - - jellyfin_media = { - gid = 2001; - members = ["jellyfin" "leyla" "ester" "eve"]; - }; - - forgejo = { - gid = 2002; - members = ["forgejo" "leyla"]; - }; - - pihole = { - gid = 2003; - members = ["pihole" "leyla"]; - }; - - hass = { - gid = lib.mkForce 2004; - members = ["hass" "leyla"]; - }; - - headscale = { - gid = 2005; - members = ["headscale"]; - }; - - nextcloud = { - gid = 2006; - members = ["nextcloud"]; - }; - }; - }; - services = { automatic-timezoned = { enable = true; diff --git a/enviroments/common/users/default.nix b/enviroments/common/users/default.nix deleted file mode 100644 index ab0baa9..0000000 --- a/enviroments/common/users/default.nix +++ /dev/null @@ -1,9 +0,0 @@ -{...}: { - imports = [ - ./leyla - ./ester - ./eve - ]; - - users.mutableUsers = false; -} diff --git a/enviroments/common/users/ester/default.nix b/enviroments/common/users/ester/default.nix deleted file mode 100644 index 0ebd7d1..0000000 --- a/enviroments/common/users/ester/default.nix +++ /dev/null @@ -1,36 +0,0 @@ -{ - lib, - config, - inputs, - ... -}: let - cfg = config.nixos.users.ester; -in { - options.nixos.users.ester = { - isDesktopUser = lib.mkEnableOption "install applications intended for desktop use"; - }; - - config = { - nixpkgs.config.allowUnfree = true; - - sops.secrets = lib.mkIf cfg.isDesktopUser { - "passwords/ester" = { - neededForUsers = true; - sopsFile = "${inputs.secrets}/user-passwords.yaml"; - }; - }; - - users.users.ester = ( - if cfg.isDesktopUser - then { - isNormalUser = true; - extraGroups = ["networkmanager"]; - - hashedPasswordFile = config.sops.secrets."passwords/ester".path; - } - else { - isSystemUser = true; - } - ); - }; -} diff --git a/enviroments/common/users/eve/default.nix b/enviroments/common/users/eve/default.nix deleted file mode 100644 index fa40112..0000000 --- a/enviroments/common/users/eve/default.nix +++ /dev/null @@ -1,36 +0,0 @@ -{ - lib, - config, - inputs, - ... -}: let - cfg = config.nixos.users.eve; -in { - options.nixos.users.eve = { - isDesktopUser = lib.mkEnableOption "install applications intended for desktop use"; - }; - - config = { - nixpkgs.config.allowUnfree = true; - - sops.secrets = lib.mkIf cfg.isDesktopUser { - "passwords/eve" = { - neededForUsers = true; - sopsFile = "${inputs.secrets}/user-passwords.yaml"; - }; - }; - - users.users.eve = ( - if cfg.isDesktopUser - then { - isNormalUser = true; - extraGroups = ["networkmanager"]; - - hashedPasswordFile = config.sops.secrets."passwords/eve".path; - } - else { - isSystemUser = true; - } - ); - }; -} diff --git a/enviroments/common/users/leyla/default.nix b/enviroments/common/users/leyla/default.nix deleted file mode 100644 index 2c1f87b..0000000 --- a/enviroments/common/users/leyla/default.nix +++ /dev/null @@ -1,78 +0,0 @@ -{ - lib, - config, - inputs, - ... -}: let - cfg = config.nixos.users.leyla; -in { - options.nixos.users.leyla = { - isDesktopUser = lib.mkEnableOption "install applications intended for desktop use"; - isTerminalUser = lib.mkEnableOption "install applications intended for terminal use"; - hasGPU = lib.mkEnableOption "installs gpu intensive programs"; - }; - - config = { - nixpkgs.config.allowUnfree = true; - - sops.secrets = lib.mkIf (cfg.isDesktopUser || cfg.isTerminalUser) { - "passwords/leyla" = { - neededForUsers = true; - sopsFile = "${inputs.secrets}/user-passwords.yaml"; - }; - }; - - users.users.leyla = ( - if (cfg.isDesktopUser || cfg.isTerminalUser) - then { - isNormalUser = true; - extraGroups = ( - ["networkmanager" "wheel" "dialout"] - ++ lib.lists.optional (!cfg.isTerminalUser) "adbusers" - ); - - hashedPasswordFile = config.sops.secrets."passwords/leyla".path; - - openssh = { - authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJHeItmt8TRW43uNcOC+eIurYC7Eunc0V3LGocQqLaYj leyla@horizon" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKBiZkg1c2aaNHiieBX4cEziqvJVj9pcDfzUrKU/mO0I leyla@twilight" - ]; - }; - } - else { - isSystemUser = true; - } - ); - - services = { - # ollama = { - # enable = cfg.hasGPU; - # acceleration = "cuda"; - # }; - - # TODO: this should reference the home directory from the user config - openssh.hostKeys = [ - { - comment = "leyla@" + config.networking.hostName; - path = "/home/leyla/.ssh/leyla_" + config.networking.hostName + "_ed25519"; - rounds = 100; - type = "ed25519"; - } - ]; - }; - - programs = { - steam = lib.mkIf cfg.isDesktopUser { - enable = true; - remotePlay.openFirewall = true; # Open ports in the firewall for Steam Remote Play - dedicatedServer.openFirewall = true; # Open ports in the firewall for Source Dedicated ServerServer - localNetworkGameTransfers.openFirewall = true; # Open ports in the firewall for Steam Local Network Game Transfers - }; - - noisetorch.enable = cfg.isDesktopUser; - - adb.enable = cfg.isDesktopUser; - }; - }; -} diff --git a/homes/default.nix b/homes/default.nix index 8b44126..587d1c2 100644 --- a/homes/default.nix +++ b/homes/default.nix @@ -1,5 +1,11 @@ { - leyla = import ./leyla; - ester = import ./ester; - eve = import ./eve; + lib, + config, + ... +}: let + users = config.host.users; +in { + leyla = lib.mkIf users.leyla.isNormalUser (import ./leyla); + ester = lib.mkIf users.ester.isNormalUser (import ./ester); + eve = lib.mkIf users.eve.isNormalUser (import ./eve); } diff --git a/homes/ester/default.nix b/homes/ester/default.nix index 3edfca4..1e5d579 100644 --- a/homes/ester/default.nix +++ b/homes/ester/default.nix @@ -4,7 +4,7 @@ osConfig, ... }: let - cfg = osConfig.nixos.users.ester; + cfg = osConfig.host.users.ester; in { config = { home = { @@ -54,7 +54,7 @@ in { # EDITOR = "emacs"; }; - packages = lib.mkIf cfg.isDesktopUser ( + packages = lib.lists.optionals cfg.isDesktopUser ( with pkgs; [ firefox bitwarden diff --git a/homes/eve/default.nix b/homes/eve/default.nix index 0b1d25c..d358b0d 100644 --- a/homes/eve/default.nix +++ b/homes/eve/default.nix @@ -4,7 +4,7 @@ osConfig, ... }: let - cfg = osConfig.nixos.users.eve; + cfg = osConfig.host.users.eve; in { config = { home = { @@ -54,7 +54,7 @@ in { # EDITOR = "emacs"; }; - packages = lib.mkIf cfg.isDesktopUser ( + packages = lib.lists.optionals cfg.isDesktopUser ( with pkgs; [ firefox bitwarden diff --git a/homes/leyla/default.nix b/homes/leyla/default.nix index f87768e..fe90ccd 100644 --- a/homes/leyla/default.nix +++ b/homes/leyla/default.nix @@ -12,7 +12,7 @@ # manage. home = { username = "leyla"; - homeDirectory = osConfig.users.users.leyla.home; + # homeDirectory = osConfig.users.users.leyla.home; # This value determines the Home Manager release that your configuration is # compatible with. This helps avoid breakage when a new Home Manager release diff --git a/homes/leyla/firefox.nix b/homes/leyla/firefox.nix index c325495..32a3c6b 100644 --- a/homes/leyla/firefox.nix +++ b/homes/leyla/firefox.nix @@ -5,11 +5,9 @@ pkgs, inputs, ... -}: let - cfg = osConfig.nixos.users.leyla; -in { +}: { programs.firefox = { - enable = cfg.isDesktopUser; + enable = true; profiles.leyla = { settings = { "browser.search.defaultenginename" = "Searx"; diff --git a/homes/leyla/packages.nix b/homes/leyla/packages.nix index 86da04a..97327ce 100644 --- a/homes/leyla/packages.nix +++ b/homes/leyla/packages.nix @@ -4,7 +4,8 @@ pkgs, ... }: let - cfg = osConfig.nixos.users.leyla; + cfg = osConfig.host.users.leyla; + hardware = osConfig.host.hardware; in { imports = [ ./vscode.nix @@ -12,72 +13,69 @@ in { ]; home = { - packages = lib.mkIf (cfg.isDesktopUser || cfg.isTerminalUser) ( - lib.mkMerge [ - ( + packages = + lib.lists.optionals cfg.isTerminalUser ( + with pkgs; [ + # comand line tools + yt-dlp + ffmpeg + imagemagick + ] + ) + ++ ( + lib.lists.optionals cfg.isDesktopUser ( with pkgs; [ - # comand line tools - yt-dlp - ffmpeg - imagemagick + #foss platforms + signal-desktop + bitwarden + ungoogled-chromium + libreoffice + inkscape + gimp + krita + freecad + # cura + # kicad-small + makemkv + transmission_4-gtk + onionshare + easytag + # rhythmbox + (lib.mkIf hardware.graphicsAcceleration.enable obs-studio) + # wireshark + # rpi-imager + # fritzing + mfoc + + # proprietary platforms + discord + obsidian + steam + (lib.mkIf hardware.graphicsAcceleration.enable davinci-resolve) + + anki-bin + + # development tools + androidStudioPackages.canary + jetbrains.idea-community + dbeaver-bin + bruno + qFlipper + proxmark3 + godot_4-mono + + # system tools + protonvpn-gui + openvpn + nextcloud-client + noisetorch + + # hardware managment tools + (lib.mkIf hardware.piperMouse.enable piper) + (lib.mkIf hardware.openRGB.enable openrgb) + (lib.mkIf hardware.viaKeyboard.enable via) ] ) - ( - lib.mkIf (!cfg.isTerminalUser) ( - with pkgs; [ - #foss platforms - signal-desktop - bitwarden - ungoogled-chromium - libreoffice - inkscape - gimp - krita - freecad - # cura - # kicad-small - makemkv - transmission_4-gtk - onionshare - easytag - # rhythmbox - (lib.mkIf cfg.hasGPU obs-studio) - # wireshark - # rpi-imager - # fritzing - mfoc - - # proprietary platforms - discord - obsidian - steam - (lib.mkIf cfg.hasGPU davinci-resolve) - - anki-bin - - # development tools - androidStudioPackages.canary - jetbrains.idea-community - dbeaver-bin - bruno - qFlipper - proxmark3 - godot_4-mono - - # system tools - protonvpn-gui - openvpn - nextcloud-client - noisetorch - - # hardware managment tools - (lib.mkIf osConfig.hardware.piperMouse.enable piper) - (lib.mkIf osConfig.hardware.openRGB.enable openrgb) - (lib.mkIf osConfig.hardware.viaKeyboard.enable via) - ] - ) - ) - ] - ); + ); }; } diff --git a/homes/leyla/vscode.nix b/homes/leyla/vscode.nix index 02411ad..37127f4 100644 --- a/homes/leyla/vscode.nix +++ b/homes/leyla/vscode.nix @@ -4,9 +4,7 @@ pkgs, inputs, ... -}: let - cfg = osConfig.nixos.users.leyla; -in { +}: { nixpkgs = { overlays = [ inputs.nix-vscode-extensions.overlays.default @@ -14,7 +12,7 @@ in { }; programs = { - bash.shellAliases = lib.mkIf cfg.isDesktopUser { + bash.shellAliases = { code = "codium"; }; @@ -23,7 +21,7 @@ in { open-vsx = extensions.open-vsx; vscode-marketplace = extensions.vscode-marketplace; in { - enable = cfg.isDesktopUser; + enable = true; package = pkgs.vscodium; diff --git a/hosts/defiant/configuration.nix b/hosts/defiant/configuration.nix index 06724b4..78c4ab5 100644 --- a/hosts/defiant/configuration.nix +++ b/hosts/defiant/configuration.nix @@ -7,11 +7,21 @@ imports = [ inputs.disko.nixosModules.disko ../../enviroments/server + + ../../modules/hardware.nix + ../../modules/users.nix ]; - nixos.users = { - leyla = { - isTerminalUser = true; + nixpkgs.config.allowUnfree = true; + + host = { + users = { + leyla = { + isTerminalUser = true; + isDesktopUser = true; + }; + ester.isNormalUser = false; + eve.isNormalUser = false; }; }; diff --git a/hosts/defiant/hardware-configuration.nix b/hosts/defiant/hardware-configuration.nix index 13e4d5e..c84a9b4 100644 --- a/hosts/defiant/hardware-configuration.nix +++ b/hosts/defiant/hardware-configuration.nix @@ -9,7 +9,6 @@ }: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") - ../hardware-common.nix ]; security.sudo.extraConfig = "Defaults lecture=never"; diff --git a/hosts/hardware-common.nix b/hosts/hardware-common.nix deleted file mode 100644 index 920d609..0000000 --- a/hosts/hardware-common.nix +++ /dev/null @@ -1,15 +0,0 @@ -{lib, ...}: { - options = { - hardware = { - piperMouse = { - enable = lib.mkEnableOption "host has a piper mouse"; - }; - viaKeyboard = { - enable = lib.mkEnableOption "host has a via keyboard"; - }; - openRGB = { - enable = lib.mkEnableOption "host has open rgb hardware"; - }; - }; - }; -} diff --git a/hosts/horizon/configuration.nix b/hosts/horizon/configuration.nix index 7b85581..53d04e9 100644 --- a/hosts/horizon/configuration.nix +++ b/hosts/horizon/configuration.nix @@ -3,29 +3,32 @@ inputs.nixos-hardware.nixosModules.framework-11th-gen-intel ../../enviroments/client + ../../modules/hardware.nix + ../../modules/users.nix ]; - nixos.users = { - leyla = { - isDesktopUser = true; - }; - ester = { - isDesktopUser = true; - }; - eve = { - isDesktopUser = true; + nixpkgs.config.allowUnfree = true; + + host = { + users = { + leyla = { + isDesktopUser = true; + isTerminalUser = true; + }; + ester.isDesktopUser = true; + eve.isDesktopUser = true; }; }; # enabled virtualisation for docker - virtualisation.docker = { - enable = true; - rootless = { - enable = true; - setSocketVariable = true; - }; - }; - users.extraGroups.docker.members = ["leyla"]; + # virtualisation.docker = { + # enable = true; + # rootless = { + # enable = true; + # setSocketVariable = true; + # }; + # }; + # users.extraGroups.docker.members = ["leyla"]; # Enable touchpad support (enabled default in most desktopManager). # services.xserver.libinput.enable = true; diff --git a/hosts/horizon/hardware-configuration.nix b/hosts/horizon/hardware-configuration.nix index 3645905..e333702 100644 --- a/hosts/horizon/hardware-configuration.nix +++ b/hosts/horizon/hardware-configuration.nix @@ -10,7 +10,6 @@ }: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") - ../hardware-common.nix ]; boot = { diff --git a/hosts/twilight/configuration.nix b/hosts/twilight/configuration.nix index 264ea40..17d7a9e 100644 --- a/hosts/twilight/configuration.nix +++ b/hosts/twilight/configuration.nix @@ -1,17 +1,24 @@ {pkgs, ...}: { imports = [ ../../enviroments/client + + ../../modules/hardware.nix + ../../modules/users.nix ]; - nixos.users = { - leyla = { - isDesktopUser = true; - hasGPU = true; + + nixpkgs.config.allowUnfree = true; + + host = { + users = { + leyla.isDesktopUser = true; + ester.isDesktopUser = true; + eve.isDesktopUser = true; }; - ester = { - isDesktopUser = true; - }; - eve = { - isDesktopUser = true; + hardware = { + piperMouse.enable = true; + viaKeyboard.enable = true; + openRGB.enable = true; + graphicsAcceleration.enable = true; }; }; diff --git a/hosts/twilight/hardware-configuration.nix b/hosts/twilight/hardware-configuration.nix index b2f11ee..fe2353b 100644 --- a/hosts/twilight/hardware-configuration.nix +++ b/hosts/twilight/hardware-configuration.nix @@ -10,7 +10,6 @@ }: { imports = [ (modulesPath + "/installer/scan/not-detected.nix") - ../hardware-common.nix ]; boot = { @@ -81,10 +80,6 @@ nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux"; hardware = { - piperMouse.enable = true; - viaKeyboard.enable = true; - openRGB.enable = true; - # Enable OpenGL graphics.enable = true; diff --git a/modules/hardware.nix b/modules/hardware.nix new file mode 100644 index 0000000..b002658 --- /dev/null +++ b/modules/hardware.nix @@ -0,0 +1,16 @@ +{lib, ...}: { + options.host.hardware = { + piperMouse = { + enable = lib.mkEnableOption "host has a piper mouse"; + }; + viaKeyboard = { + enable = lib.mkEnableOption "host has a via keyboard"; + }; + openRGB = { + enable = lib.mkEnableOption "host has open rgb hardware"; + }; + graphicsAcceleration = { + enable = lib.mkEnableOption "host has a gpu for graphical acceleration"; + }; + }; +} diff --git a/modules/users.nix b/modules/users.nix new file mode 100644 index 0000000..849fd68 --- /dev/null +++ b/modules/users.nix @@ -0,0 +1,249 @@ +{ + lib, + config, + inputs, + ... +}: let + uids = { + leyla = 1000; + ester = 1001; + eve = 1002; + jellyfin = 2000; + forgejo = 2002; + pihole = 2003; + hass = 2004; + headscale = 2005; + nextcloud = 2006; + }; + + gids = { + leyla = 1000; + ester = 1001; + eve = 1002; + users = 100; + jellyfin_media = 2001; + jellyfin = 2000; + forgejo = 2002; + pihole = 2003; + hass = 2004; + headscale = 2005; + nextcloud = 2006; + }; + + users = config.users.users; + leyla = users.leyla.name; + ester = users.ester.name; + eve = users.eve.name; +in { + options.host.users = lib.mkOption { + type = lib.types.attrsOf (lib.types.submodule ({config, ...}: { + options = { + isDesktopUser = lib.mkOption { + type = lib.types.bool; + default = false; + description = '' + User should install their desktop applications + ''; + defaultText = lib.literalExpression "config.host.users.\${name}.isDesktopUser"; + }; + isTerminalUser = lib.mkOption { + type = lib.types.bool; + default = false; + description = '' + User should install their terminal applications + ''; + defaultText = lib.literalExpression "config.host.users.\${name}.isTerminalUser"; + }; + isNormalUser = lib.mkOption { + type = lib.types.bool; + default = config.isDesktopUser || config.isTerminalUser; + description = '' + User should install their applications + ''; + defaultText = lib.literalExpression "config.host.users.\${name}.isNormalUser"; + }; + }; + })); + }; + + config = { + # set up user passwords + sops.secrets = { + "passwords/leyla" = { + neededForUsers = true; + sopsFile = "${inputs.secrets}/user-passwords.yaml"; + }; + "passwords/ester" = { + neededForUsers = true; + sopsFile = "${inputs.secrets}/user-passwords.yaml"; + }; + "passwords/eve" = { + neededForUsers = true; + sopsFile = "${inputs.secrets}/user-passwords.yaml"; + }; + }; + + users = { + mutableUsers = false; + users = { + leyla = { + uid = lib.mkForce uids.leyla; + description = "Leyla"; + extraGroups = + (lib.lists.optionals config.host.users.leyla.isNormalUser ["networkmanager" "wheel" "dialout"]) + ++ (lib.lists.optionals config.host.users.leyla.isDesktopUser ["adbusers"]); + hashedPasswordFile = config.sops.secrets."passwords/leyla".path; + isNormalUser = config.host.users.leyla.isNormalUser; + isSystemUser = !config.host.users.leyla.isNormalUser; + group = config.users.users.leyla.name; + }; + + ester = { + uid = lib.mkForce uids.ester; + description = "Ester"; + extraGroups = lib.optionals config.host.users.ester.isNormalUser ["networkmanager"]; + hashedPasswordFile = config.sops.secrets."passwords/ester".path; + isNormalUser = config.host.users.ester.isNormalUser; + isSystemUser = !config.host.users.ester.isNormalUser; + group = config.users.users.ester.name; + }; + + eve = { + uid = lib.mkForce uids.eve; + description = "Eve"; + extraGroups = lib.optionals config.host.users.eve.isNormalUser ["networkmanager"]; + hashedPasswordFile = config.sops.secrets."passwords/eve".path; + isNormalUser = config.host.users.eve.isNormalUser; + isSystemUser = !config.host.users.eve.isNormalUser; + group = config.users.users.eve.name; + }; + + jellyfin = { + uid = lib.mkForce uids.jellyfin; + isSystemUser = true; + group = config.users.users.jellyfin.name; + }; + + forgejo = { + uid = lib.mkForce uids.forgejo; + isSystemUser = true; + group = config.users.users.forgejo.name; + }; + + pihole = { + uid = lib.mkForce uids.pihole; + isSystemUser = true; + group = config.users.users.pihole.name; + }; + + hass = { + uid = lib.mkForce uids.hass; + isSystemUser = true; + group = config.users.users.hass.name; + }; + + headscale = { + uid = lib.mkForce uids.headscale; + isSystemUser = true; + group = config.users.users.headscale.name; + }; + + nextcloud = { + uid = lib.mkForce uids.nextcloud; + isSystemUser = true; + group = config.users.users.nextcloud.name; + }; + }; + + groups = { + leyla = { + gid = lib.mkForce gids.leyla; + members = [ + leyla + ]; + }; + + ester = { + gid = lib.mkForce gids.ester; + members = [ + ester + ]; + }; + + eve = { + gid = lib.mkForce gids.eve; + members = [ + eve + ]; + }; + + users = { + gid = lib.mkForce gids.users; + members = [ + leyla + ester + eve + ]; + }; + + jellyfin_media = { + gid = lib.mkForce gids.jellyfin_media; + members = [ + users.jellyfin.name + leyla + ester + eve + ]; + }; + + jellyfin = { + gid = lib.mkForce gids.jellyfin; + members = [ + users.jellyfin.name + # leyla + ]; + }; + + forgejo = { + gid = lib.mkForce gids.forgejo; + members = [ + users.forgejo.name + # leyla + ]; + }; + + pihole = { + gid = lib.mkForce gids.pihole; + members = [ + users.pihole.name + # leyla + ]; + }; + + hass = { + gid = lib.mkForce gids.hass; + members = [ + users.hass.name + # leyla + ]; + }; + + headscale = { + gid = lib.mkForce gids.headscale; + members = [ + users.headscale.name + # leyla + ]; + }; + + nextcloud = { + gid = lib.mkForce gids.nextcloud; + members = [ + users.nextcloud.name + # leyla + ]; + }; + }; + }; + }; +} diff --git a/util/default.nix b/util/default.nix index e091d80..6146610 100644 --- a/util/default.nix +++ b/util/default.nix @@ -17,12 +17,12 @@ forEachSystem = nixpkgs.lib.genAttrs systems; pkgsFor = system: nixpkgs.legacyPackages.${system}; - home-manager-config = { + home-manager-config = nixpkgs: { home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true; home-manager.backupFileExtension = "backup"; home-manager.extraSpecialArgs = {inherit inputs;}; - home-manager.users = import ../homes; + home-manager.users = import ../homes nixpkgs; }; in { forEachPkgs = lambda: forEachSystem (system: lambda (pkgsFor system));