Personal Nix flake
nixos home-manager nix
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

chore: Split individual user definitions into their own modules

+83 -40
+1
nix/nixos/configs/desktop/default.nix
··· 10 10 ci.build = true; 11 11 gaming.enable = true; 12 12 networking.tailscale.trusted = true; 13 + users.emily.enable = true; 13 14 profiles = { 14 15 formfactor.desktop = true; 15 16 hardware.gpu.nvidia = true;
+1
nix/nixos/modules/default.nix
··· 58 58 syncthing.enable = mkDefault true; 59 59 theming.enable = mkDefault true; 60 60 users.enable = mkDefault true; 61 + users.lpchaim.enable = mkDefault true; 61 62 zram.enable = mkDefault true; 62 63 }; 63 64
+14 -40
nix/nixos/modules/users/default.nix
··· 1 1 { 2 2 config, 3 - inputs, 4 3 lib, 5 - pkgs, 6 4 ... 7 5 }: let 8 - inherit (config.my.config) name shell; 9 - inherit (inputs.self.lib.secrets.helpers) mkUserSecret; 10 - userName = name.user; 11 6 cfg = config.my.users; 12 7 in { 13 - options.my.users.enable = lib.mkEnableOption "user tweaks"; 14 - config = lib.mkIf cfg.enable { 15 - my.secretDefinitions = { 16 - "user.emily.password" = mkUserSecret "emily" "password" {}; 17 - "user.lpchaim.password" = mkUserSecret "lpchaim" "password" {}; 18 - }; 8 + imports = [ 9 + ./lpchaim.nix 10 + ./emily.nix 11 + ]; 19 12 20 - users = let 21 - defaults = { 13 + options.my.users = { 14 + enable = lib.mkEnableOption "user tweaks"; 15 + defaultUserAttrs = lib.mkOption { 16 + default = { 22 17 isNormalUser = true; 23 18 extraGroups = ["i2c" "networkmanager" "storage" "wheel"]; 24 19 }; 25 - in { 20 + }; 21 + }; 22 + 23 + config = lib.mkIf cfg.enable { 24 + users = { 26 25 mutableUsers = false; 27 - groups.${userName}.gid = 1000; 28 - groups.emily.gid = 1001; 29 - extraUsers = { 30 - ${userName} = 31 - defaults 32 - // { 33 - uid = 1000; 34 - home = "/home/${userName}"; 35 - description = name.full; 36 - group = userName; 37 - shell = pkgs.${shell}; 38 - hashedPasswordFile = "${config.my.secrets."user.lpchaim.password".path}"; 39 - }; 40 - emily = 41 - defaults 42 - // { 43 - uid = 1001; 44 - home = "/home/emily"; 45 - description = "emily"; 46 - group = "emily"; 47 - shell = pkgs.fish; 48 - hashedPasswordFile = "${config.my.secrets."user.emily.password".path}"; 49 - }; 50 - root.hashedPassword = null; 51 - }; 26 + extraUsers.root.hashedPassword = null; 52 27 }; 53 28 nix.settings.trusted-users = ["root" "@wheel"]; 54 - systemd.services.ollama.serviceConfig.ReadWritePaths = [config.users.extraUsers.${userName}.home]; 55 29 }; 56 30 }
+32
nix/nixos/modules/users/emily.nix
··· 1 + { 2 + config, 3 + inputs, 4 + lib, 5 + pkgs, 6 + ... 7 + }: let 8 + inherit (inputs.self.lib.secrets.helpers) mkUserSecret; 9 + cfg = config.my.users.emily; 10 + in { 11 + options.my.users.emily.enable = lib.mkEnableOption "emily user"; 12 + 13 + config = lib.mkIf cfg.enable { 14 + my.secretDefinitions = { 15 + "user.emily.password" = mkUserSecret "emily" "password" {}; 16 + }; 17 + 18 + users = { 19 + extraGroups.emily.gid = 1001; 20 + extraUsers.emily = 21 + config.my.users.defaultUserAttrs 22 + // { 23 + uid = 1001; 24 + home = "/home/emily"; 25 + description = "emily"; 26 + group = "emily"; 27 + shell = pkgs.fish; 28 + hashedPasswordFile = "${config.my.secrets."user.emily.password".path}"; 29 + }; 30 + }; 31 + }; 32 + }
+35
nix/nixos/modules/users/lpchaim.nix
··· 1 + { 2 + config, 3 + inputs, 4 + lib, 5 + pkgs, 6 + ... 7 + }: let 8 + inherit (config.my.config) name shell; 9 + inherit (inputs.self.lib.secrets.helpers) mkUserSecret; 10 + userName = name.user; 11 + cfg = config.my.users.lpchaim; 12 + in { 13 + options.my.users.lpchaim.enable = lib.mkEnableOption "lpchaim user"; 14 + 15 + config = lib.mkIf cfg.enable { 16 + my.secretDefinitions = { 17 + "user.lpchaim.password" = mkUserSecret "lpchaim" "password" {}; 18 + }; 19 + 20 + users = { 21 + extraGroups.${userName}.gid = 1000; 22 + extraUsers.${userName} = 23 + config.my.users.defaultUserAttrs 24 + // { 25 + uid = 1000; 26 + home = "/home/${userName}"; 27 + description = name.full; 28 + group = userName; 29 + shell = pkgs.${shell}; 30 + hashedPasswordFile = "${config.my.secrets."user.lpchaim.password".path}"; 31 + }; 32 + }; 33 + systemd.services.ollama.serviceConfig.ReadWritePaths = [config.users.extraUsers.${userName}.home]; 34 + }; 35 + }