From b54c018a59d94bee698d16e2f7f58990fb5d1cec Mon Sep 17 00:00:00 2001 From: Franck Cuny Date: Tue, 5 Apr 2022 19:39:32 -0700 Subject: refactor users to a module --- hosts/common/system/default.nix | 3 +-- hosts/common/system/users.nix | 31 ------------------------------- modules/system/default.nix | 2 +- modules/system/users/default.nix | 37 +++++++++++++++++++++++++++++++++++++ 4 files changed, 39 insertions(+), 34 deletions(-) delete mode 100644 hosts/common/system/users.nix create mode 100644 modules/system/users/default.nix diff --git a/hosts/common/system/default.nix b/hosts/common/system/default.nix index 2b48e4e..291314b 100644 --- a/hosts/common/system/default.nix +++ b/hosts/common/system/default.nix @@ -1,6 +1,5 @@ { pkgs, ... }: { - imports = - [ ./boot.nix ./hardware.nix ./network.nix ./security.nix ./users.nix ]; + imports = [ ./boot.nix ./hardware.nix ./network.nix ./security.nix ]; } diff --git a/hosts/common/system/users.nix b/hosts/common/system/users.nix deleted file mode 100644 index 7d847f3..0000000 --- a/hosts/common/system/users.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ config, lib, pkgs, ... }: - -{ - # Users are managed through this configuration. If a user is added - # manually, it will be removed on system activation. - users.mutableUsers = false; - - users.groups.fcuny = { gid = 1000; }; - users.users.fcuny = { - isNormalUser = true; - uid = 1000; - group = "fcuny"; - home = "/home/fcuny"; - shell = pkgs.fish; - extraGroups = [ "users" "wheel" "docker" ]; - hashedPassword = - "$6$i.z1brxtb44JAEco$fDD2Izl.zRR9vBCB2VBKPScChGw38EEl7QEiBTJ/EwgP3oSL0X3ZHq0PJ.RtqzBsWTPUjl4F3MKOBMhnaAPr6."; - openssh.authorizedKeys.keys = [ - # aptos - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIdlm/qoR/dnMjZhVSTtqFzkgN3Yf9eQ3pgKMiipg+dl" - # work - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINSWhXmnUplM+xltD0sYiJ6AsjkwHvbjTYLA7GHXHja9" - ]; - }; - - users.users.root = { - hashedPassword = null; - openssh.authorizedKeys.keys = - config.users.users.fcuny.openssh.authorizedKeys.keys; - }; -} diff --git a/modules/system/default.nix b/modules/system/default.nix index 1f832bf..3f7d3ec 100644 --- a/modules/system/default.nix +++ b/modules/system/default.nix @@ -1 +1 @@ -{ ... }: { imports = [ ./console ./locale ./nix ]; } +{ ... }: { imports = [ ./console ./locale ./nix ./users ]; } diff --git a/modules/system/users/default.nix b/modules/system/users/default.nix new file mode 100644 index 0000000..b39067c --- /dev/null +++ b/modules/system/users/default.nix @@ -0,0 +1,37 @@ +{ config, lib, pkgs, ... }: +let + groupExists = grp: builtins.hasAttr grp config.users.groups; + groupsIfExist = builtins.filter groupExists; +in { + # Users are managed through this configuration. If a user is added + # manually, it will be removed on system activation. + users.mutableUsers = false; + + users.groups.fcuny = { gid = 1000; }; + users.users.fcuny = { + isNormalUser = true; + uid = 1000; + group = "fcuny"; + home = "/home/fcuny"; + shell = pkgs.fish; + extraGroups = groupsIfExist [ + "docker" + "users" + "wheel" # `sudo` for the user. + ]; + hashedPassword = + "$6$i.z1brxtb44JAEco$fDD2Izl.zRR9vBCB2VBKPScChGw38EEl7QEiBTJ/EwgP3oSL0X3ZHq0PJ.RtqzBsWTPUjl4F3MKOBMhnaAPr6."; + openssh.authorizedKeys.keys = [ + # aptos + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIdlm/qoR/dnMjZhVSTtqFzkgN3Yf9eQ3pgKMiipg+dl" + # work + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINSWhXmnUplM+xltD0sYiJ6AsjkwHvbjTYLA7GHXHja9" + ]; + }; + + users.users.root = { + hashedPassword = null; + openssh.authorizedKeys.keys = + config.users.users.fcuny.openssh.authorizedKeys.keys; + }; +} -- cgit v1.2.3