add basic user management

2023-12-23 08:27:00 +01:00 · 2023-12-23 08:27:00 +01:00 · aca834a717
commit aca834a717
parent f2c3f279d5
8 changed files with 47 additions and 12 deletions
--- a/flake.nix
+++ b/flake.nix
@ -24,6 +24,7 @@
        hostname,
        system ? "x86_64-linux",
        modules ? [],
        users ? [],
      }: nixpkgs.lib.nixosSystem {
        inherit system hostname;
        modules = [
@ -32,7 +33,7 @@
          ./system/programs.nix
          ./system/configuration.nix
          ./system/${hostname}/configuration.nix
-        ] ++ fileList "modules" ++ modules;
+        ] ++ fileList "modules" ++ modules ++ map (user: ./users/${user}/default.nix ) users;
      };
    in {
      photon = constructSystem {
--- a/modules/default.nix
+++ b/modules/default.nix
@ -1,5 +0,0 @@
 { lib, ... }:
 {
  options.opinionatedDefaults = lib.mkEnableOption "opinionated defaults";
 }
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@ -0,0 +1,13 @@
 let
  alice = "ssh-ed25519 AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";
  dennis = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJFc7O+5G6fwpXv9j/miJzST6g1AKkPTFtKwuj6j8NC+";
  allUsers = [alice dennis];
  palatine-hill = "ssh-ed25519 AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";
  photon = "ssh-ed25519 AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";
  allSystems = [palatine-hill photon];
 in {
  "TEST.age".publicKeys = allUsers ++ [photon];
 }
--- a/systems/configuration.nix
+++ b/systems/configuration.nix
@ -190,7 +190,5 @@ in {
      persistent = true;
      system.autoUpgrade.flake = "github:RAD-Development/nix-dotfiles";
    };
    stateVersion = "22.11";
  };
 }
--- a/systems/palatine-hill/configuration.nix
+++ b/systems/palatine-hill/configuration.nix
@ -26,10 +26,6 @@ in {
    };
  };
  users.users.brain = {
    extraGroups = [ "docker" ];
  };
  environment.systemPackages = with pkgs; [
    docker-compose
  ];
@ -45,4 +41,6 @@ in {
  };
  networking.firewall.enable = false;
  system.stateVersion = "23.05";
 }
--- a/users/alice/default.nix
+++ b/users/alice/default.nix
@ -0,0 +1,27 @@
 {
  pkgs,
  lib,
  config,
 }: let
  pubKeys = import ./keys/default.nix;
 in {
  isNormalUser = true;
  description = "AmethystAndroid";
  uid = 1000;
  extraGroups = [
    "wheel"
    "media"
    (lib.mkIf config.networking.networkmanager.enable "networkmanager")
    (lib.mkIf config.programs.adb.enable "adbusers")
    (lib.mkIf config.programs.wireshark.enable "wireshark")
    (lib.mkIf config.programs.virtualisation.docker.enable "docker")
    "libvirtd"
    "dialout"
    "plugdev"
    "uaccess"
  ];
  shell = pkgs.fish;
  openssh.authorizedKeys.keys = [
    (lib.mkIf (pubKeys ? ${config.networking.hostName}) pubKeys.${config.networking.hostName})
  ];
 }
--- a/users/alice/keys/default.nix
+++ b/users/alice/keys/default.nix
@ -0,0 +1,3 @@
 {
  palatine-hill = "ed25516-AAAAAAA";
 }
--- a/users/user.nix
+++ b/users/user.nix