From 24c6ac52a71998ddfce851383c3f02e96e077f74 Mon Sep 17 00:00:00 2001 From: John Lancaster <32917998+jsl12@users.noreply.github.com> Date: Tue, 10 Mar 2026 23:12:09 -0500 Subject: [PATCH] user factory --- modules/default.nix | 2 -- modules/nix-tools/user.nix | 28 +++++++++++++++++++ modules/nixos/lxc.nix | 2 ++ modules/users/john.nix | 57 +++++++++++++++++++------------------- 4 files changed, 59 insertions(+), 30 deletions(-) create mode 100644 modules/nix-tools/user.nix diff --git a/modules/default.nix b/modules/default.nix index 4399aa8..30702b4 100644 --- a/modules/default.nix +++ b/modules/default.nix @@ -1,9 +1,7 @@ { inputs, ... }: { - imports = [ # https://github.com/vic/flake-file/tree/main/modules/dendritic inputs.flake-file.flakeModules.dendritic ]; - } diff --git a/modules/nix-tools/user.nix b/modules/nix-tools/user.nix new file mode 100644 index 0000000..fdf7142 --- /dev/null +++ b/modules/nix-tools/user.nix @@ -0,0 +1,28 @@ +# Lifted from: +# https://github.com/Doc-Steve/dendritic-design-with-flake-parts/blob/69edacdb5a4a6ca71d649bb8eb62cf8c630c8627/modules/users/bob%20%5BNDn%5D/bob.nix#L8 +{ self, ... }: +{ + config.flake.factory.user = username: isAdmin: { + + nixos."${username}" = { lib, pkgs, ... }: { + users.users."${username}" = { + isNormalUser = true; + home = "/home/${username}"; + extraGroups = lib.optionals isAdmin [ + "input" + "networkmanager" + "wheel" + ]; + }; + home-manager.users."${username}" = { + imports = [ + self.modules.homeManager."${username}" + ]; + }; + }; + + homeManager."${username}" = { + home.username = "${username}"; + }; + }; +} \ No newline at end of file diff --git a/modules/nixos/lxc.nix b/modules/nixos/lxc.nix index 0e1a2f8..1ad7947 100644 --- a/modules/nixos/lxc.nix +++ b/modules/nixos/lxc.nix 
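Review bot: In the new `modules/nix-tools/user.nix`, the single `isAdmin` flag grants `input` and `networkmanager` together with `wheel`, so every account created as an admin also gets group access to the raw input devices (typically every keystroke source on the host), which is broader than sudo rights call for. Consider keeping the admin set to `extraGroups = lib.optionals isAdmin [ "wheel" ];` and letting desktop hosts add `input` and `networkmanager` themselves. The positional boolean is also opaque at the call site (`factory.user username true` in john.nix), so a comment above the factory such as `# isAdmin = true adds the user to wheel (sudo)` would make the privilege grant visible. The file also ends without a trailing newline.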
@@ -9,6 +9,8 @@ system.stateVersion = "25.11"; nix.settings.experimental-features = [ "nix-command" "flakes" ]; environment.systemPackages = with pkgs; [ git zsh ]; + + security.sudo-rs.enable = true; }; # Generic bootstrapping lxc, use a specific host file for more diff --git a/modules/users/john.nix b/modules/users/john.nix index 19273c2..03e31b2 100644 --- a/modules/users/john.nix +++ b/modules/users/john.nix 
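Review bot: `security.sudo-rs.enable = true;` is added to the generic bootstrap LXC profile with no comment on why sudo-rs is chosen or how the classic `security.sudo` module is meant to behave next to it; a one-line comment such as `# sudo-rs replaces sudo on all LXC guests` would record the intent. Since the user factory in this commit puts admins in `wheel`, consider also setting `security.sudo-rs.execWheelOnly = true;` so that only wheel members can execute the setuid binary. The account visible in this patch carries SSH keys but no password setting, so it is worth confirming how the sudo password prompt is expected to be satisfied rather than later relaxing `wheelNeedsPassword`. The enclosing attribute set starts outside this hunk.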
@@ -16,38 +16,39 @@ in "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMOkGLo4N/L3RYvaIZ1FmePlxa1HK0fMciZxKtRhN58F root@janus" ]; }; - }; - # https://github.com/Doc-Steve/dendritic-design-with-flake-parts/wiki/Dendritic_Aspects#multi-context-aspect - flake.modules.nixos."${username}" = { pkgs, ... }: { - home-manager.users."${username}" = { - imports = [ - inputs.self.modules.homeManager."${username}" - ]; - }; - users.users."${username}" = { - isNormalUser = true; - shell = pkgs.zsh; - openssh.authorizedKeys.keys = inputs.self.meta.users."${username}".authorizedKeys; - extraGroups = [ "docker "]; - }; - programs.zsh.enable = true; - }; + modules = lib.mkMerge [ + (inputs.self.factory.user username true) + { + # https://github.com/Doc-Steve/dendritic-design-with-flake-parts/wiki/Dendritic_Aspects#multi-context-aspect + nixos."${username}" = { pkgs, ... }: { + home-manager.users."${username}" = { + imports = [ + inputs.self.modules.homeManager."${username}" + ]; + }; + users.users."${username}" = { + isNormalUser = true; + openssh.authorizedKeys.keys = inputs.self.meta.users."${username}".authorizedKeys; + extraGroups = [ "docker" ]; + }; + }; - flake.modules.homeManager."${username}" = { - home.username = "${username}"; - home.homeDirectory = "/home/${username}"; - home.stateVersion = "25.11"; - xdg.enable = true; + homeManager."${username}" = { + home.stateVersion = "25.11"; + xdg.enable = true; - programs.git.settings.user.name = "John Lancaster"; - programs.git.settings.user.email = "32917998+jsl12@users.noreply.github.com"; + programs.git.settings.user.name = "John Lancaster"; + programs.git.settings.user.email = "32917998+jsl12@users.noreply.github.com"; - imports = with inputs.self.modules.homeManager; [ - base - # docker - # resticprofile - ]; + imports = with inputs.self.modules.homeManager; [ + # base + # docker + # resticprofile + ]; + }; + } + ]; }; # This is the base homeConfiguration for the john user that will be used if no other
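Review bot: The corrected group name `"docker"` (previously `"docker "` with a trailing space, which presumably matched no group) together with `(inputs.self.factory.user username true)` means this account now lands in both `docker` and `wheel`; membership in `docker` is effectively root on any host running the Docker daemon, and the commit subject mentions neither privilege change. A comment on that line, e.g. `# docker group is root-equivalent; only needed on Docker hosts`, or moving the group into the docker aspect, would make the grant explicit. The merged module also repeats `isNormalUser = true;` and the `home-manager.users."${username}".imports` entry that the factory already sets, so both could be dropped here. Removing `shell = pkgs.zsh;` and `programs.zsh.enable`, and commenting out `base`, look like unrelated behaviour changes worth confirming. The attribute set that encloses `modules` begins outside the hunk.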