diff options
| author | Franck Cuny <franck@fcuny.net> | 2025-12-13 15:19:21 -0800 |
|---|---|---|
| committer | Franck Cuny <franck@fcuny.net> | 2025-12-13 15:19:21 -0800 |
| commit | 771039f64d44a60f9691582fe559e26b431bbbe8 (patch) | |
| tree | 1f980dd57b0f3256825f04f101c81ae458a4b424 /profiles | |
| parent | update builders configuration (diff) | |
| download | infra-771039f64d44a60f9691582fe559e26b431bbbe8.tar.gz | |
remove abstractions for managing users
Diffstat (limited to 'profiles')
| -rw-r--r-- | profiles/darwin.nix | 11 | ||||
| -rw-r--r-- | profiles/defaults.nix | 2 | ||||
| -rw-r--r-- | profiles/home-manager.nix | 2 | ||||
| -rw-r--r-- | profiles/users/builder.nix | 15 | ||||
| -rw-r--r-- | profiles/users/fcuny.nix | 24 |
5 files changed, 44 insertions, 10 deletions
diff --git a/profiles/darwin.nix b/profiles/darwin.nix index 736578c..8b260f5 100644 --- a/profiles/darwin.nix +++ b/profiles/darwin.nix @@ -1,9 +1,4 @@ -{ - lib, - pkgs, - adminUser, - ... -}: +{ lib, pkgs, ... }: { fonts.packages = with pkgs; [ source-code-pro @@ -45,7 +40,7 @@ # Touch ID for sudo auth security.pam.services.sudo_local.touchIdAuth = true; - system.primaryUser = adminUser.name; + system.primaryUser = "fcuny"; nix = { extraOptions = '' @@ -73,7 +68,7 @@ ]; trusted-users = [ "@admin" - adminUser.name + "fcuny" ]; experimental-features = lib.mkDefault [ "nix-command" diff --git a/profiles/defaults.nix b/profiles/defaults.nix index 8396599..d98daa0 100644 --- a/profiles/defaults.nix +++ b/profiles/defaults.nix @@ -116,6 +116,8 @@ security.sudo.wheelNeedsPassword = false; + programs.fish.enable = true; + environment.systemPackages = with pkgs; [ bottom curl diff --git a/profiles/home-manager.nix b/profiles/home-manager.nix index e2204ac..47919a9 100644 --- a/profiles/home-manager.nix +++ b/profiles/home-manager.nix @@ -3,7 +3,6 @@ hostName, inputs, config, - adminUser, ... }: { @@ -12,7 +11,6 @@ self hostName inputs - adminUser ; } // { diff --git a/profiles/users/builder.nix b/profiles/users/builder.nix new file mode 100644 index 0000000..32f318f --- /dev/null +++ b/profiles/users/builder.nix @@ -0,0 +1,15 @@ +{ ... }: +{ + nix.settings.trusted-users = [ "builder" ]; + + users.users.builder = { + openssh.authorizedKeys.keys = [ + # my personal key + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINBkozy+X96u5ciX766bJ/AyQ3xm1tXZTIr5+4PVFZFi" + # remote builder ssh key + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGFGxdplt9WwGjdhoYkmPe2opZMJShtpqnGCI+swrgvw" + ]; + isNormalUser = true; + group = "nogroup"; + }; +} diff --git a/profiles/users/fcuny.nix b/profiles/users/fcuny.nix new file mode 100644 index 0000000..1a2b490 --- /dev/null +++ b/profiles/users/fcuny.nix @@ -0,0 +1,24 @@ +{ pkgs, ... }: +{ + nix.settings.trusted-users = [ "fcuny" ]; + users.users.fcuny = { + uid = 1000; + shell = pkgs.fish; + isNormalUser = true; + hashedPassword = "$6$Llw8m62nKMLLN9mm$3.a4CKUFlqwkG8vjBryLlBNwTwgH63vpg2nhYwRoQzG76Q91vTXnlYDujS4G5yGrWoatkKZx5epCx4/NAvRh2/"; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINBkozy+X96u5ciX766bJ/AyQ3xm1tXZTIr5+4PVFZFi" + ]; + extraGroups = [ + "wheel" + ]; + }; + + home-manager.users.fcuny = { + home.username = "fcuny"; + userinfo = { + email = "franck@fcuny.net"; + fullName = "Franck Cuny"; + }; + }; +} |