parameterised username in users
This commit is contained in:
parent
305237c3ea
commit
f3a8dac948
|
@ -1,15 +1,15 @@
|
||||||
{ pkgs, inputs, config, lib, ... }:
|
{ pkgs, inputs, config, lib, ... }:
|
||||||
let
|
let
|
||||||
|
username = "media";
|
||||||
pubKeys = lib.filesystem.listFilesRecursive (../keys);
|
pubKeys = lib.filesystem.listFilesRecursive (../keys);
|
||||||
hostname = config.networking.hostName;
|
hostname = config.networking.hostName;
|
||||||
sopsHashedPasswordFile = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."passwords/${user}".path;
|
sopsHashedPasswordFile = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."passwords/${username}".path;
|
||||||
secretsDirectory = builtins.toString inputs.nix-secrets;
|
secretsDirectory = builtins.toString inputs.nix-secrets;
|
||||||
secretsFile = "${secretsDirectory}/secrets.yaml";
|
secretsFile = "${secretsDirectory}/secrets.yaml";
|
||||||
username = "media";
|
|
||||||
|
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
users.users.${username} = {
|
users.users."${username}" = {
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
shell = pkgs.zsh; # default shell
|
shell = pkgs.zsh; # default shell
|
||||||
hashedPasswordFile = sopsHashedPasswordFile;
|
hashedPasswordFile = sopsHashedPasswordFile;
|
||||||
|
@ -20,11 +20,15 @@ in
|
||||||
"wheel" "video" "audio" "disk" "networkmanager"
|
"wheel" "video" "audio" "disk" "networkmanager"
|
||||||
];
|
];
|
||||||
|
|
||||||
|
packages = with pkgs; [
|
||||||
|
flatpak
|
||||||
|
gnome.gnome-software
|
||||||
|
];
|
||||||
};
|
};
|
||||||
|
|
||||||
environment.persistence."/persist" = {
|
environment.persistence."/persist" = {
|
||||||
hideMounts = true;
|
hideMounts = true;
|
||||||
users.${user}= {
|
users."${username}"= {
|
||||||
directories = [
|
directories = [
|
||||||
"sync"
|
"sync"
|
||||||
"keep"
|
"keep"
|
||||||
|
@ -48,22 +52,16 @@ in
|
||||||
sops.secrets."ssh_keys/${username}/id_ed25519" = {
|
sops.secrets."ssh_keys/${username}/id_ed25519" = {
|
||||||
path = "/home/${username}/.ssh/id_ed25519";
|
path = "/home/${username}/.ssh/id_ed25519";
|
||||||
mode = "0600";
|
mode = "0600";
|
||||||
owner = config.users.users.${username}.name;
|
owner = "${username}";
|
||||||
};
|
};
|
||||||
|
|
||||||
sops.secrets."ssh_keys/${username}/id_ed25519.pub" = {
|
sops.secrets."ssh_keys/${username}/id_ed25519.pub" = {
|
||||||
path = "/home/${username}/.ssh/id_ed25519.pub";
|
path = "/home/${username}/.ssh/id_ed25519.pub";
|
||||||
mode = "0644";
|
mode = "0644";
|
||||||
owner = config.users.users.${username}.name;
|
owner = "${username}";
|
||||||
};
|
};
|
||||||
|
|
||||||
services.flatpak.enable = true;
|
services.flatpak.enable = true;
|
||||||
users.users.${username} = {
|
|
||||||
packages = with pkgs; [
|
|
||||||
flatpak
|
|
||||||
gnome.gnome-software
|
|
||||||
];
|
|
||||||
};
|
|
||||||
|
|
||||||
programs.zsh.enable = true;
|
programs.zsh.enable = true;
|
||||||
programs.fuse.userAllowOther = true;
|
programs.fuse.userAllowOther = true;
|
||||||
|
@ -71,7 +69,7 @@ in
|
||||||
home-manager = {
|
home-manager = {
|
||||||
extraSpecialArgs = { inherit inputs; };
|
extraSpecialArgs = { inherit inputs; };
|
||||||
users = {
|
users = {
|
||||||
${username} = import ../../../../home/${hostname}.nix;
|
"${username}" = import ../../../../home/${hostname}.nix;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -7,7 +7,7 @@ in
|
||||||
[
|
[
|
||||||
# Disk configuration
|
# Disk configuration
|
||||||
inputs.disko.nixosModules.disko
|
inputs.disko.nixosModules.disko
|
||||||
(import ../common/disks/std-disk-config.nix { device = ${dev}; })
|
(import ../common/disks/std-disk-config.nix { device = dev; })
|
||||||
../common/optional/btrfs-impermanence.nix
|
../common/optional/btrfs-impermanence.nix
|
||||||
|
|
||||||
# Create users for this host
|
# Create users for this host
|
||||||
|
|
Loading…
Reference in New Issue