From ea4c699b81bb41c49ffc9a85a1f54730256c9192 Mon Sep 17 00:00:00 2001 From: Bruno BELANYI Date: Sat, 29 May 2021 21:14:28 +0200 Subject: [PATCH] modules: system: users: make it configurable Notably, make use of my global 'username' option. --- modules/system/users.nix | 65 ++++++++++++++++++++++++---------------- 1 file changed, 39 insertions(+), 26 deletions(-) diff --git a/modules/system/users.nix b/modules/system/users.nix index 15896e0..4493c75 100644 --- a/modules/system/users.nix +++ b/modules/system/users.nix @@ -1,36 +1,49 @@ # User setup { config, lib, pkgs, ... }: let - my = config.my; + secrets = config.my.secrets; + cfg = config.my.system.users; groupExists = grp: builtins.hasAttr grp config.users.groups; groupsIfExist = builtins.filter groupExists; in { - users.mutableUsers = false; # I want it to be declarative. + options.my.system.users = with lib; { + enable = my.mkDisableOption "user configuration"; + }; - # Define user accounts and passwords. - users.users.root.hashedPassword = my.secrets.users.root.hashedPassword; - users.users.ambroisie = { - hashedPassword = my.secrets.users.ambroisie.hashedPassword; - description = "Bruno BELANYI"; - isNormalUser = true; - shell = pkgs.zsh; - extraGroups = groupsIfExist [ - "audio" # sound control - "media" # access to media files - "networkmanager" # wireless configuration - "plugdev" # usage of ZSA keyboard tools - "video" # screen control - "wheel" # `sudo` for the user. - ]; - openssh.authorizedKeys.keys = with builtins; - let - keyDir = ./ssh; - contents = readDir keyDir; - names = attrNames contents; - files = filter (name: contents.${name} == "regular") names; - keys = map (basename: readFile (keyDir + "/${basename}")) files; - in - keys; + config = lib.mkIf cfg.enable { + users = { + mutableUsers = false; # I want it to be declarative. + + users = { + root = { + inherit (secrets.users.root) hashedPassword; + }; + + ${config.my.username} = { + inherit (secrets.users.${config.my.username}) hashedPassword; + description = "Bruno BELANYI"; + isNormalUser = true; + shell = pkgs.zsh; + extraGroups = groupsIfExist [ + "audio" # sound control + "media" # access to media files + "networkmanager" # wireless configuration + "plugdev" # usage of ZSA keyboard tools + "video" # screen control + "wheel" # `sudo` for the user. + ]; + openssh.authorizedKeys.keys = with builtins; + let + keyDir = ./ssh; + contents = readDir keyDir; + names = attrNames contents; + files = filter (name: contents.${name} == "regular") names; + keys = map (basename: readFile (keyDir + "/${basename}")) files; + in + keys; + }; + }; + }; }; }