blake/nix
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

restructure user

Browse Source
This commit is contained in:
blake
2025-10-14 00:20:29 -05:00
parent 782ebcf4e3
commit 182cab6bf3
5 changed files with 34 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
hosts/snowbelle/configuration.nix
View File

@@ -8,7 +8,7 @@ in
imports = imports =
[ # Include the results of the hardware scan. [ # Include the results of the hardware scan.
./hardware-configuration.nix ./hardware-configuration.nix
../../users ../../users/blake
../../modules/system ../../modules/system
../../modules/homelab ../../modules/homelab
../../modules/homelab/minecraft_recpro ../../modules/homelab/minecraft_recpro
@@ -54,12 +54,6 @@ in
minecraft_recpro.enable = true; minecraft_recpro.enable = true;
}; };
# configure users & groups
users = {
blake.enable = true; # main user, home manager
defaultUserShell = pkgs.zsh; # the goat
};
# boot (systemd is going on me) # boot (systemd is going on me)
boot.loader.systemd-boot.enable = true; # systemd your pretty cool ya know boot.loader.systemd-boot.enable = true; # systemd your pretty cool ya know
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;

2
modules/system/sops/default.nix
View File

@@ -19,7 +19,7 @@ in
age.keyFile = "/etc/sops/keys.txt"; age.keyFile = "/etc/sops/keys.txt";
secrets = { secrets = {
"blake_passwd" = lib.mkIf config.users.blake.enable { "blake_passwd" = {
owner = "root"; owner = "root";
group = "root"; group = "root";
neededForUsers = true; neededForUsers = true;

5
users/blake/default.nix
View File

@@ -6,7 +6,8 @@
... ...
}: { }: {
# create blake user # create blake user
users.users = { users = {
users = {
blake = { blake = {
isNormalUser = true; isNormalUser = true;
extraGroups = ["wheel" "networkmanager" "docker" "media" "podman" "minecraft"]; # Enable sudo for the user. extraGroups = ["wheel" "networkmanager" "docker" "media" "podman" "minecraft"]; # Enable sudo for the user.
@@ -20,6 +21,8 @@
]; ];
}; };
}; };
groups.blake = { gid = 1000; };
};
# define home-manager user # define home-manager user
home-manager = { home-manager = {

34
users/blake/home.nix
View File

@@ -64,22 +64,22 @@
}; };
}; };
# import sshkeys from keyring # import sshkeys from keyring
#home.file.".ssh/id_snowbelle".source = config.lib.file.mkOutOfStoreSymlink /home/blake/.nix/.keyring/ssh/id_snowbelle; home.file.".ssh/id_snowbelle".source = config.lib.file.mkOutOfStoreSymlink /home/blake/.nix/.keyring/ssh/id_snowbelle;
#home.file.".ssh/id_snowbelle.pub".source = config.lib.file.mkOutOfStoreSymlink /home/blake/.nix/.keyring/ssh/id_snowbelle.pub; home.file.".ssh/id_snowbelle.pub".source = config.lib.file.mkOutOfStoreSymlink /home/blake/.nix/.keyring/ssh/id_snowbelle.pub;
# manage secrets with sops # # manage secrets with sops
sops.secrets = { # sops.secrets = {
"id_snowbelle" = { # "id_snowbelle" = {
owner = "blake"; # owner = "blake";
group = "blake"; # group = "blake";
mode = "0600"; # mode = "0600";
path = "/home/blake/.ssh/id_snowbelle"; # path = "/home/blake/.ssh/id_snowbelle";
}; # };
"id_snowbelle.pub" = { # "id_snowbelle.pub" = {
owner = "blake"; # owner = "blake";
group = "blake"; # group = "blake";
mode = "644"; # mode = "644";
path = "/home/blake/.ssh/id_snowbelle.pub"; # path = "/home/blake/.ssh/id_snowbelle.pub";
}; # };
}; # };
} }

1
users/default.nix
View File

@@ -5,6 +5,5 @@
./blake ./blake
]; ];
users.blake.enable = lib.mkDefault true;
} }