1
0
Fork 0

Code cleanup.

This commit is contained in:
Kevin Baensch 2019-09-06 11:38:02 +02:00
parent 9b6cea1696
commit 94e969abd9
4 changed files with 10 additions and 13 deletions

View file

@ -1,8 +1,6 @@
{ config, ... }: { config, ... }:
let {
firewallcfg = config.machine.firewall;
in {
networking = { networking = {
hostName = config.machine.hostName; hostName = config.machine.hostName;
}; };

View file

@ -14,12 +14,12 @@ let
description = "Administrative user ${user.name}."; description = "Administrative user ${user.name}.";
group = user.name; group = user.name;
extraGroups = [ "audio" "wheel" "network" ] extraGroups = [ "audio" "wheel" "network" ]
++ (if config.services.xserver.enable then [ "input" ] else []) ++ (optional config.services.xserver.enable "input")
++ (if config.services.printing.enable then [ "cups" "lp" ] else []) ++ (optionals config.services.printing.enable [ "cups" "lp" ])
++ (if config.virtualisation.docker.enable then [ "docker"] else []); ++ (optional config.virtualisation.docker.enable "docker");
shell = "${pkgs.zsh}/bin/zsh"; shell = "${pkgs.zsh}/bin/zsh";
passwordFile = "${config.machine.secretPath}/${user.name}"; passwordFile = "${config.machine.secretPath}/${user.name}";
openssh.authorizedKeys.keyFiles = if config.services.openssh.enable then [ "${config.machine.secretPath}/${user.name}.pub" ] else []; openssh.authorizedKeys.keyFiles = optional config.services.openssh.enable "${config.machine.secretPath}/${user.name}.pub";
}; };
}; };

View file

@ -4,7 +4,7 @@ with lib;
let let
cfg = config.machine; cfg = config.machine;
optPkgs = package: pkgstring: optionals (elem pkgstring cfg.pkgs) package; optPkgs = package: pkgstring: optionals (elem pkgstring cfg.pkgs) (toList package);
gitpkgs = import /nixpkgs {}; gitpkgs = import /nixpkgs {};
stablepkgs = import <nixos-stable> {}; stablepkgs = import <nixos-stable> {};
@ -278,13 +278,13 @@ let
in { in {
environment.systemPackages = base environment.systemPackages = base
++ (optPkgs dict "dict") ++ (optPkgs dict "dict")
++ (optPkgs [emacs] "emacs") ++ (optPkgs emacs "emacs")
++ (optPkgs extra "extra") ++ (optPkgs extra "extra")
++ (optPkgs mail_utils "mailutils") ++ (optPkgs mail_utils "mailutils")
++ (optPkgs cpp "cpp") ++ (optPkgs cpp "cpp")
++ (optPkgs [haskell] "haskell") ++ (optPkgs haskell "haskell")
++ (optPkgs java "java") ++ (optPkgs java "java")
++ (optPkgs [python3] "python3") ++ (optPkgs python3 "python3")
++ (optPkgs rustpkgs "rustpkgs") ++ (optPkgs rustpkgs "rustpkgs")
++ (optPkgs server "server") ++ (optPkgs server "server")
++ (optPkgs uniProgs "uniProgs") ++ (optPkgs uniProgs "uniProgs")

View file

@ -16,8 +16,7 @@ mkIf (elem "openssh" config.machine.services) {
passwordAuthentication = false; passwordAuthentication = false;
permitRootLogin = "no"; permitRootLogin = "no";
extraConfig = let users = concatMapStrings (user: "${user.name} ") config.machine.administrators extraConfig = let users = concatMapStrings (user: "${user.name} ") config.machine.administrators
+ (if config.services.gitea.enable then (config.services.gitea.user + " ") else "") + (optionalString config.services.gitea.enable (config.services.gitea.user + " "));
+ (if config.services.nix-serve.enable then "nix-ssh" else "");
in '' in ''
UsePAM no UsePAM no
AllowUsers ${users} AllowUsers ${users}