From 6cf8344ed90c64c746e729f79656064b57f69675 Mon Sep 17 00:00:00 2001 From: sloane ess Date: Fri, 19 Jul 2024 20:59:11 -0400 Subject: [PATCH] Simplify user config --- darwin/default.nix | 10 ++++---- flake.nix | 2 +- home/git.nix | 6 ++--- home/pijul.nix | 8 +++---- me/config.nix | 9 ++++++++ me/default.nix | 33 ++++++++++++++++++++++++++ nixos/default.nix | 10 ++++---- nixos/nix.nix | 2 +- nixos/ssh-access.nix | 6 ++--- users/config.nix | 24 ------------------- users/default.nix | 55 -------------------------------------------- 11 files changed, 64 insertions(+), 101 deletions(-) create mode 100644 me/config.nix create mode 100644 me/default.nix delete mode 100644 users/config.nix delete mode 100644 users/default.nix diff --git a/darwin/default.nix b/darwin/default.nix index 679a883..e08155f 100644 --- a/darwin/default.nix +++ b/darwin/default.nix @@ -3,15 +3,15 @@ flake.darwinModules = { home = let - inherit (config.users) me; + inherit (config.me) username; in { - home-manager.users.${me} = { + home-manager.users.${username} = { imports = [ self.homeModules.darwin ]; }; - users.users.${me} = { - name = me; - home = "/Users/${me}"; + users.users.${username} = { + name = username; + home = "/Users/${username}"; }; }; diff --git a/flake.nix b/flake.nix index be48882..e9de605 100644 --- a/flake.nix +++ b/flake.nix @@ -71,9 +71,9 @@ inputs.pre-commit.flakeModule ./darwin ./home + ./me ./nixos ./templates - ./users ]; flake = { nixosConfigurations = { diff --git a/home/git.nix b/home/git.nix index 887e539..33b5db6 100644 --- a/home/git.nix +++ b/home/git.nix @@ -1,13 +1,13 @@ { flake, ... }: let - inherit (flake.config.users) me'; + inherit (flake.config) me; in { programs.git = { enable = true; - userEmail = me'.email; - userName = me'.name; + userEmail = me.email; + userName = me.name; extraConfig = { help.autocorrect = "prompt"; diff --git a/home/pijul.nix b/home/pijul.nix index 1abb899..d2a637b 100644 --- a/home/pijul.nix +++ b/home/pijul.nix 
@@ -1,6 +1,6 @@ { flake, pkgs, ... }: let - inherit (flake.config.users) me me'; + inherit (flake.config) me; tomlFormat = pkgs.formats.toml { }; in { @@ -10,9 +10,9 @@ in # hardcode .config because pijul doesn't support XDG (yet?) ".config/pijul/config.toml".source = tomlFormat.generate "pijul-config" { author = { - name = me; - full_name = me'.name; - inherit (me') email; + name = me.username; + full_name = me.name; + inherit (me) email; }; }; }; diff --git a/me/config.nix b/me/config.nix new file mode 100644 index 0000000..9ffeae6 --- /dev/null +++ b/me/config.nix @@ -0,0 +1,9 @@ +{ + name = "sloane ess"; + username = "sloane"; + email = "sloane@sloane.lol"; + sshKeys = [ + # secretive + "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKTVoMVtHSvosU9SCam4S5RTP0R2V09vqw5Xiuff+x4J7NtUxsBhqIrkPSfJHSbYlBKITX5RFyFBo5mtsTa95v0= sloane" + ]; +} diff --git a/me/default.nix b/me/default.nix new file mode 100644 index 0000000..2825eaf --- /dev/null +++ b/me/default.nix @@ -0,0 +1,33 @@ +{ lib, ... }: +let + userSubmodule = lib.types.submodule { + options = { + name = lib.mkOption { + type = lib.types.str; + description = '' + full name + ''; + }; + username = lib.mkOption { + type = lib.types.str; + description = '' + user account name + ''; + }; + email = lib.mkOption { type = lib.types.str; }; + sshKeys = lib.mkOption { + type = lib.types.listOf lib.types.str; + description = '' + SSH public keys + ''; + }; + }; + }; +in +{ + options.me = lib.mkOption { type = userSubmodule; }; + # TODO: currently multiplexing this on the work branch + # how can we vary the config username based on the hostname? + # e.g. https://github.com/srid/nixos-flake/discussions/22#discussioncomment-5909499 + config.me = import ./config.nix; +} diff --git a/nixos/default.nix b/nixos/default.nix index 349fa3b..56c0b18 100644 --- a/nixos/default.nix +++ b/nixos/default.nix 
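Review bot: The `sshKeys` option in the new me/default.nix is described only as `SSH public keys`, which understates what the value grants. The nixos/ssh-access.nix hunk of this same patch assigns `me.sshKeys` to `root.openssh.authorizedKeys.keys` as well as to the `${me.username}` account. I would say so in the option, e.g. `description = "SSH public keys; each entry may log in as root and as the user on hosts that import nixos/ssh-access.nix";`, so that anyone editing me/config.nix (or the work-branch copy the TODO mentions) sees the privilege attached to the list. `email` is also the only option left without a `description`.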
@@ -8,15 +8,15 @@ home = let - inherit (config.users) me; + inherit (config.me) username; in { - home-manager.users.${me} = { + home-manager.users.${username} = { imports = [ self.homeModules.linux ]; }; - users.users.${me} = { - name = me; - home = "/home/${me}"; + users.users.${username} = { + name = username; + home = "/home/${username}"; isNormalUser = true; }; }; diff --git a/nixos/nix.nix b/nixos/nix.nix index 8c3fb32..9958fc1 100644 --- a/nixos/nix.nix +++ b/nixos/nix.nix @@ -42,7 +42,7 @@ # wipe out the registry for purity, cf. https://github.com/MatthewCroughan/nixcfg/commit/ce86bee2755127a4fdaca91e5e037d3fe625cba9 flake-registry = builtins.toFile "empty-flake-registry.json" ''{"flakes":[],"version":2}''; trusted-users = [ - flake.config.users.me + flake.config.me.username "root" "@admin" "@wheel" diff --git a/nixos/ssh-access.nix b/nixos/ssh-access.nix index e37d7ea..8e15360 100644 --- a/nixos/ssh-access.nix +++ b/nixos/ssh-access.nix @@ -3,11 +3,11 @@ # remote access users.users = let - inherit (flake.config.users) me me'; - myKeys = me'.sshKeys; + inherit (flake.config) me; + myKeys = me.sshKeys; in { root.openssh.authorizedKeys.keys = myKeys; - ${me}.openssh.authorizedKeys.keys = myKeys; + ${me.username}.openssh.authorizedKeys.keys = myKeys; }; } diff --git a/users/config.nix b/users/config.nix deleted file mode 100644 index dc64777..0000000 --- a/users/config.nix +++ /dev/null 
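Review bot: In the nixos/nix.nix hunk, `flake.config.me.username` is listed in `trusted-users`, which makes that account effectively root towards the Nix daemon; the Nix manual describes membership as essentially equivalent to root access. The value is now a free-form `str` read from me/config.nix, so a comment on the entry would make the privilege visible, e.g. `# trusted-users are root-equivalent for the nix daemon; this must stay the admin account`. If the account is already in `@wheel` (not visible in this hunk), the explicit entry is redundant and could be dropped. The enclosing settings attribute set starts and ends outside the hunk.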
@@ -1,24 +0,0 @@
-{
- me = "sloane";
- users = {
- sloane = {
- name = "sloane ess";
- username = "sloane";
- email = "sloane@sloane.lol";
- sshKeys = [
- # secretive
- "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBKTVoMVtHSvosU9SCam4S5RTP0R2V09vqw5Xiuff+x4J7NtUxsBhqIrkPSfJHSbYlBKITX5RFyFBo5mtsTa95v0= sloane"
- ];
- };
- sloane-work = {
- name = "Sloane Ess";
- username = "sloane";
- email = "sloane@yelp.com";
- sshKeys = [
- # secretive
- "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLWD/lvxFOdmE48MUKdigYZOAc3bSIyPxW4M7frWe8Nks9cr58Z/1btvUUmAK+u+J6gw5g+Mt9X0uwR7KPQlavg= sloane"
- "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBOkqyHm9fBDXChdmNgbhxd2U1IpkiD4xjC8AVOvil+uEeKYqDi5mF3oeAGYJrV6BRc7hEO+DQP60pN0wI5tMoYE= yelp"
- ];
- };
- };
-}
diff --git a/users/default.nix b/users/default.nix
deleted file mode 100644
index 50b939c..0000000
--- a/users/default.nix
+++ /dev/null
@@ -1,55 +0,0 @@
-{ config, lib, ... }:
-let
- userSubmodule = lib.types.submodule {
- options = {
- name = lib.mkOption {
- type = lib.types.str;
- description = ''
- full name
- '';
- };
- username = lib.mkOption {
- type = lib.types.str;
- description = ''
- user account name
- '';
- };
- email = lib.mkOption { type = lib.types.str; };
- sshKeys = lib.mkOption {
- type = lib.types.listOf lib.types.str;
- description = ''
- SSH public keys
- '';
- };
- };
- };
- usersSubmodule = lib.types.submodule {
- options = {
- users = lib.mkOption { type = lib.types.attrsOf userSubmodule; };
- me = lib.mkOption {
- type = lib.types.str;
- description = ''
- The name of the user that represents me.
-
- Admin user in all contexts.
-
- Should be a key into the `users` attribute set.
- '';
- };
- me' = lib.mkOption {
- type = userSubmodule;
- description = ''
- The rest of the user data for `me`.
- '';
- readOnly = true;
- };
- };
- };
-in
-{
- # TODO: can we hack in an assertion that `me` is a key in `users`?
- options.users = lib.mkOption { type = usersSubmodule; };
- config.users = (import ./config.nix) // {
- me' = lib.mkDefault config.users.users.${config.users.me};
- };
-}