aboutsummaryrefslogtreecommitdiff
path: root/machines/nixos
diff options
context:
space:
mode:
Diffstat (limited to 'machines/nixos')
-rw-r--r--machines/nixos/x86_64-linux/argonath.nix13
-rw-r--r--machines/nixos/x86_64-linux/bree.nix22
-rw-r--r--machines/nixos/x86_64-linux/iso.nix17
-rw-r--r--machines/nixos/x86_64-linux/rivendell.nix37
4 files changed, 31 insertions, 58 deletions
diff --git a/machines/nixos/x86_64-linux/argonath.nix b/machines/nixos/x86_64-linux/argonath.nix
index 4b72ca9..3dda772 100644
--- a/machines/nixos/x86_64-linux/argonath.nix
+++ b/machines/nixos/x86_64-linux/argonath.nix
@@ -1,4 +1,4 @@
-{ adminUser, ... }:
+{ ... }:
{
imports = [
../../../profiles/acme.nix
@@ -10,17 +10,16 @@
../../../profiles/reverse-proxy.nix
../../../profiles/server.nix
../../../profiles/wireguard.nix
+ ../../../profiles/users/fcuny.nix
];
networking.hostName = "argonath";
system.stateVersion = "25.05"; # Did you read the comment?
- home-manager = {
- users.${adminUser.name} = {
- imports = [
- ../../../home/profiles/minimal.nix
- ];
- };
+ home-manager.users.fcuny = {
+ imports = [
+ ../../../home/profiles/minimal.nix
+ ];
};
}
diff --git a/machines/nixos/x86_64-linux/bree.nix b/machines/nixos/x86_64-linux/bree.nix
index f91bf4f..9c9177d 100644
--- a/machines/nixos/x86_64-linux/bree.nix
+++ b/machines/nixos/x86_64-linux/bree.nix
@@ -1,9 +1,4 @@
-{
- lib,
- adminUser,
- config,
- ...
-}:
+{ lib, config, ... }:
{
imports = [
../../../profiles/cgroups.nix
@@ -12,6 +7,7 @@
../../../profiles/hardware/synology-vm.nix
../../../profiles/home-manager.nix
../../../profiles/server.nix
+ ../../../profiles/users/fcuny.nix
../../../profiles/wireguard.nix
];
@@ -19,14 +15,6 @@
networking.useDHCP = lib.mkDefault true;
systemd.network.wait-online.anyInterface = lib.mkDefault config.networking.useDHCP;
- home-manager = {
- users.${adminUser.name} = {
- imports = [
- ../../../home/profiles/minimal.nix
- ];
- };
- };
-
age.secrets.disk-unlock-key.file = ../../../secrets/bree/disk-unlock-key.age;
age.secrets.disk-passphrase.file = ../../../secrets/bree/disk-passphrase.age;
@@ -40,4 +28,10 @@
};
system.stateVersion = "23.11"; # Did you read the comment?
+
+ home-manager.users.fcuny = {
+ imports = [
+ ../../../home/profiles/minimal.nix
+ ];
+ };
}
diff --git a/machines/nixos/x86_64-linux/iso.nix b/machines/nixos/x86_64-linux/iso.nix
index 89acbf7..c2ecd74 100644
--- a/machines/nixos/x86_64-linux/iso.nix
+++ b/machines/nixos/x86_64-linux/iso.nix
@@ -1,23 +1,22 @@
-{ adminUser, modulesPath, ... }:
+{ modulesPath, ... }:
{
# run `nix build .#nixosConfigurations.iso.config.system.build.isoImage` to build the image
imports = [
"${modulesPath}/installer/cd-dvd/channel.nix"
"${modulesPath}/installer/cd-dvd/installation-cd-minimal.nix"
../../../profiles/home-manager.nix
+ ../../../profiles/users/fcuny.nix
];
boot.loader.grub.efiSupport = true;
boot.loader.grub.efiInstallAsRemovable = true;
boot.loader.grub.device = "nodev";
- home-manager = {
- users.${adminUser.name} = {
- imports = [
- ../../../home/profiles/minimal.nix
- ];
- };
- };
-
system.stateVersion = "25.05"; # Did you read the comment?
+
+ home-manager.users.fcuny = {
+ imports = [
+ ../../../home/profiles/minimal.nix
+ ];
+ };
}
diff --git a/machines/nixos/x86_64-linux/rivendell.nix b/machines/nixos/x86_64-linux/rivendell.nix
index f106f83..0bd799c 100644
--- a/machines/nixos/x86_64-linux/rivendell.nix
+++ b/machines/nixos/x86_64-linux/rivendell.nix
@@ -1,9 +1,4 @@
-{
- lib,
- config,
- adminUser,
- ...
-}:
+{ lib, config, ... }:
{
imports = [
../../../profiles/authelia.nix
@@ -18,6 +13,8 @@
../../../profiles/remote-unlock.nix
../../../profiles/restic-backup.nix
../../../profiles/server.nix
+ ../../../profiles/users/builder.nix
+ ../../../profiles/users/fcuny.nix
../../../profiles/wireguard.nix
];
@@ -26,19 +23,6 @@
networking.useDHCP = lib.mkDefault true;
systemd.network.wait-online.anyInterface = lib.mkDefault config.networking.useDHCP;
- users.users.builder = {
- openssh.authorizedKeys.keys = [
- # my personal key
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINBkozy+X96u5ciX766bJ/AyQ3xm1tXZTIr5+4PVFZFi"
- # remote builder ssh key
- "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGFGxdplt9WwGjdhoYkmPe2opZMJShtpqnGCI+swrgvw"
- ];
- isNormalUser = true;
- group = "nogroup";
- };
-
- nix.settings.trusted-users = [ "builder" ];
-
services.website = {
enable = true;
openFirewall = true;
@@ -84,14 +68,11 @@
openFirewall = true;
};
- home-manager = {
- users.${adminUser.name} = {
- imports = [
- ../../../home/profiles/minimal.nix
- ];
- inherit (adminUser) userinfo;
- };
- };
-
system.stateVersion = "23.11"; # Did you read the comment?
+
+ home-manager.users.fcuny = {
+ imports = [
+ ../../../home/profiles/minimal.nix
+ ];
+ };
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-16 20:52:02 +0000