Dehardcoded user configuration.

2019-04-13 00:05:39 +02:00 · 2019-04-13 00:05:39 +02:00 · d2c6b3931e
commit d2c6b3931e
parent 347d406ea9
5 changed files with 38 additions and 19 deletions
--- a/config/users.nix
+++ b/config/users.nix
@ -1,30 +1,41 @@
-{ config, lib, ... }:
+{ config, lib, pkgs, ... }:

 with lib;

-{
-  users = {
-    mutableUsers = false;
-    users.derped = {
+let
+  administrators = user: {
+    name = user.name;
+    value = {
      isNormalUser = true;
-      home = "/home/derped";
+      name = user.name;
+      uid  = user.id;
+      home = builtins.toPath "/home/${user.name}";
      createHome = true;
-      description = "";
-      group = "derped";
+      description = "Administrative user ${user.name}.";
+      group = user.name;
      extraGroups = [ "audio" "wheel" "network" ]
        ++ (if config.services.xserver.enable then [ "input" ] else [])
        ++ (if config.services.printing.enable then [ "cups" "lp" ] else [])
        ++ (if config.virtualisation.docker.enable then [ "docker"] else []);
-      uid = 1337;
-      shell = "/run/current-system/sw/bin/zsh";
-      passwordFile = "/secret/derped";
-      openssh.authorizedKeys.keyFiles = if config.services.openssh.enable then [ "/secret/derped.pub" ] else [];
-    };
-
-    groups.derped = {
-      name = "derped";
-      gid = 1337;
-      members = [ "derped" ];
+      shell = "${pkgs.zsh}/bin/zsh";
+      passwordFile = "/secret/${user.name}";
+      openssh.authorizedKeys.keyFiles = if config.services.openssh.enable then [ "/secret/${user.name}.pub" ] else [];
    };
  };
+
+   mkusergroup = user: {
+     name = user.name;
+     value = {
+       name = user.name;
+       gid = user.id;
+       members = [ user.name ];
+     };
+   };
+
+in {
+  users = {
+    mutableUsers = false;
+    users = listToAttrs (map administrators config.machine.administrators);
+    groups = listToAttrs (map mkusergroup config.machine.administrators);
+  };
 }