Dehardcoded user configuration.

Kevin Baensch 2019-04-13 00:05:39 +02:00
parent 347d406ea9
commit d2c6b3931e
5 changed files with 38 additions and 19 deletions


@ -1,30 +1,41 @@
{ config, lib, ... }: { config, lib, pkgs, ... }:
with lib; with lib;
{ let
users = { administrators = user: {
mutableUsers = false; name = user.name;
users.derped = { value = {
isNormalUser = true; isNormalUser = true;
home = "/home/derped"; name = user.name;
uid = user.id;
home = builtins.toPath "/home/${user.name}";
createHome = true; createHome = true;
description = ""; description = "Administrative user ${user.name}.";
group = "derped"; group = user.name;
extraGroups = [ "audio" "wheel" "network" ] extraGroups = [ "audio" "wheel" "network" ]
++ (if config.services.xserver.enable then [ "input" ] else []) ++ (if config.services.xserver.enable then [ "input" ] else [])
++ (if config.services.printing.enable then [ "cups" "lp" ] else []) ++ (if config.services.printing.enable then [ "cups" "lp" ] else [])
++ (if config.virtualisation.docker.enable then [ "docker"] else []); ++ (if config.virtualisation.docker.enable then [ "docker"] else []);
uid = 1337; shell = "${pkgs.zsh}/bin/zsh";
shell = "/run/current-system/sw/bin/zsh"; passwordFile = "/secret/${user.name}";
passwordFile = "/secret/derped"; openssh.authorizedKeys.keyFiles = if config.services.openssh.enable then [ "/secret/${user.name}.pub" ] else [];
openssh.authorizedKeys.keyFiles = if config.services.openssh.enable then [ "/secret/derped.pub" ] else [];
};
groups.derped = {
name = "derped";
gid = 1337;
members = [ "derped" ];
}; };
}; };
mkusergroup = user: {
name = user.name;
value = {
name = user.name;
gid = user.id;
members = [ user.name ];
};
};
in {
users = {
mutableUsers = false;
users = listToAttrs (map administrators config.machine.administrators);
groups = listToAttrs (map mkusergroup config.machine.administrators);
};
} }
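Review bot: Each entry of `config.machine.administrators` now becomes a `wheel` member whose credentials are looked up at `/secret/${user.name}` and `/secret/${user.name}.pub`, and nothing in this file states or checks that those files exist. With `mutableUsers = false`, a missing or empty password file would presumably leave the account without a usable password, and the `.pub` path has to be readable wherever the key files are consumed. I would add a comment above `passwordFile`, e.g. `# requires /secret/<name> (hashed password) and, with openssh enabled, /secret/<name>.pub to be provisioned first`. Separately, `builtins.toPath` is deprecated and a plain string is enough: `home = "/home/${user.name}";`.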


@ -9,6 +9,7 @@ with lib;
config.machine = { config.machine = {
hostName = "CDServer"; hostName = "CDServer";
administrators = [ { name = "derped"; id = 1337; } ];
allowUnfree = true; allowUnfree = true;
conffiles = [ conffiles = [
"etcvars" "etcvars"


@ -11,6 +11,7 @@ with lib;
config.machine = { config.machine = {
allowUnfree = true; allowUnfree = true;
hostName = "Lilim"; hostName = "Lilim";
administrators = [ { name = "derped"; id = 1337; } ];
conffiles = [ conffiles = [
"etcfiles" "etcfiles"
"etcvars" "etcvars"
@ -30,7 +31,6 @@ with lib;
"xpkgs" "xpkgs"
]; ];
services = [ services = [
"containers"
"desktop" "desktop"
"udev" "udev"
"cups" "cups"


@ -9,6 +9,7 @@ with lib;
config.machine = { config.machine = {
hostName = "Ophanim"; hostName = "Ophanim";
administrators = [ { name = "derped"; id = 1337; } ];
domain = "ophanim.de"; domain = "ophanim.de";
allowUnfree = true; allowUnfree = true;
conffiles = [ conffiles = [


@ -34,6 +34,12 @@ with lib;
The Machines HostName The Machines HostName
''; '';
}; };
administrators = mkOption {
type = types.listOf types.attrs;
description = ''
List of administrative users.
'';
};
domain = mkOption { domain = mkOption {
type = types.str; type = types.str;
default = "localhost"; default = "localhost";
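Review bot: `types.listOf types.attrs` on the new `administrators` option accepts any attribute set, so an entry with a missing `id`, a non-integer `id`, or a `name` containing `/` or `..` is only caught (if at all) when the users module interpolates it into `/home/${user.name}` and `/secret/${user.name}`. Declaring the entries as a submodule with typed `name` and `id` fields lets the module system reject malformed entries up front and documents the two fields. The description could also state that every listed user is placed in `wheel`. The `domain` option that follows continues past the end of this hunk.

```nix
administrators = mkOption {
  type = types.listOf (types.submodule {
    options = {
      name = mkOption {
        type = types.strMatching "[a-z_][a-z0-9_-]*";
        description = "Login name; also used for the group, home directory and /secret file names.";
      };
      id = mkOption {
        type = types.int;
        description = "Numeric id used as both uid and gid.";
      };
    };
  });
  # … unchanged: description …
};
```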