reworking
@@ -1,46 +1,62 @@
|
||||
{ config, lib, inputs, ... }: {
|
||||
{ config, lib, pkgs, inputs, ... }: {
|
||||
|
||||
options.sysconfig = {
|
||||
options.sysconfig = with lib; {
|
||||
users = let
|
||||
|
||||
userType = lib.types.submodule ({ username, ... }: {
|
||||
userType = types.submodule ({ username, ... }: {
|
||||
options = {
|
||||
username = lib.mkOption {
|
||||
type = lib.types.str;
|
||||
type = with types; str;
|
||||
default = username;
|
||||
};
|
||||
|
||||
home-manager = {
|
||||
enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
type = with types; bool;
|
||||
default = false;
|
||||
};
|
||||
|
||||
standalone = lib.mkOption {
|
||||
type = with types; bool;
|
||||
default = false;
|
||||
description = "is this home-manager standalone?";
|
||||
};
|
||||
|
||||
extraModules = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.raw;
|
||||
type = with types; listOf raw;
|
||||
default = [];
|
||||
};
|
||||
};
|
||||
|
||||
sshKeys = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
type = with types; listOf str;
|
||||
default = [];
|
||||
};
|
||||
|
||||
uid = lib.mkOption {
|
||||
type = with types; nullOr int;
|
||||
default = null;
|
||||
};
|
||||
|
||||
hashedPasswordFile = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.str;
|
||||
type = with types; nullOr str;
|
||||
default = null;
|
||||
};
|
||||
|
||||
extraGroups = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
type = with types; listOf str;
|
||||
default = [];
|
||||
};
|
||||
|
||||
shell = lib.mkOption {
|
||||
type = with types; package;
|
||||
default = pkgs.shadow;
|
||||
};
|
||||
};
|
||||
});
|
||||
|
||||
in lib.mkOption {
|
||||
type = lib.types.attrsOf userType;
|
||||
type = userType;
|
||||
default = {};
|
||||
};
|
||||
};
|
||||
@@ -50,26 +66,38 @@
|
||||
users.users = builtins.mapAttrs (name: user: {
|
||||
name = user.username;
|
||||
isNormalUser = true;
|
||||
uid = user.uid;
|
||||
hashedPasswordFile = lib.mkIf (user.hashedPasswordFile != null) user.hashedPasswordFile;
|
||||
shell = user.shell;
|
||||
extraGroups = user.extraGroups;
|
||||
openssh.authorizedKeys.keys = lib.mkIf config.sysconfig.services.openssh.enable config.sysconfig.users.${user.username}.sshKeys;
|
||||
openssh.authorizedKeys.keys = lib.mkIf config.sysconfig.services.openssh.enable user.sshKeys;
|
||||
packages = with pkgs; lib.mkIf (user.home-manager.enable && user.home-manager.standalone) [ home-manager ];
|
||||
}) config.sysconfig.users;
|
||||
|
||||
programs.fuse.userAllowOther = true;
|
||||
|
||||
home-manager = {
|
||||
backupFileExtension = "backup";
|
||||
extraSpecialArgs = {inherit inputs;};
|
||||
extraSpecialArgs = { inherit inputs; };
|
||||
sharedModules = [
|
||||
inputs.sops-nix.homeManagerModules.sops
|
||||
inputs.home-manager-config
|
||||
];
|
||||
users = (builtins.mapAttrs
|
||||
(name: user: (lib.mkMerge [
|
||||
(inputs.${user.username} { config = config.home-manager.users.${user.username}; inherit lib; })
|
||||
] ++ user.home-manager.extraModules))
|
||||
{
|
||||
homeconfig = {
|
||||
host = config.sysconfig.host;
|
||||
username = user.username;
|
||||
graphical = config.sysconfig.graphical;
|
||||
};
|
||||
}
|
||||
] ++ (if inputs ? ${user.username} then [ (inputs.${user.username} { config = config.home-manager.users.${user.username}; }) ] else [])
|
||||
++ user.home-manager.extraModules))
|
||||
(builtins.removeAttrs
|
||||
config.sysconfig.users
|
||||
(builtins.partition
|
||||
(name: config.sysconfig.users.${name}.home-manager.enable == true)
|
||||
(name: (config.sysconfig.users.${name}.home-manager.enable && !config.sysconfig.users.${name}.home-manager.standalone))
|
||||
(builtins.attrNames config.sysconfig.users)
|
||||
).wrong
|
||||
)
|
||||
|
||||
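Review bot: In the first hunk the type of `sysconfig.users` appears to change from `lib.types.attrsOf userType` to `type = userType;` (assuming the second of the two printed lines is the new side), but the second hunk still reads the option as an attribute set of users, in `builtins.mapAttrs (name: user: …) config.sysconfig.users` and `config.sysconfig.users.${name}.home-manager.enable`. With a single submodule, `mapAttrs` would iterate over the record's fields (`username`, `sshKeys`, `uid`, …) instead of over users, so `user.username`, `user.sshKeys` and `user.hashedPasswordFile` would not resolve and the accounts, authorized keys and password files would not be generated as declared. Unless the option is meant to describe exactly one user, keep `type = types.attrsOf userType;`. The new `shell` option also has no `description`; something like `description = "Login shell package; the pkgs.shadow default is expected to resolve to nologin";` would tell readers that accounts stay non-interactive until a shell is set (confirm against the nixpkgs revision in use). The enclosing `config` block continues outside the hunk.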