diff --git a/modules/programs/shell-tools.nix b/modules/features/shell-tools.nix
similarity index 100%
rename from modules/programs/shell-tools.nix
rename to modules/features/shell-tools.nix
diff --git a/modules/hosts/john-p14s/configuration.nix b/modules/hosts/john-p14s/configuration.nix
index a5171da..f1f1470 100644
--- a/modules/hosts/john-p14s/configuration.nix
+++ b/modules/hosts/john-p14s/configuration.nix
@@ -3,7 +3,8 @@
 flake.modules.nixos.p14sConfiguration = { config, pkgs, lib, ... }:
 let
 hostname = "john-p14s";
- flakeDir = "${config.home-manager.users.john.home.homeDirectory}/Documents/dendritic";
+ homeDirectory = config.home-manager.users.john.home.homeDirectory;
+ flakeDir = "${homeDirectory}/Documents/dendritic";
 in
 {
 imports = [
@@ -128,9 +129,7 @@
 }
 ];
 sops.defaultSopsFile = ./secrets.yaml;
- sops.age.sshKeyPaths = [
- "${config.home-manager.users.john.home.homeDirectory}/.ssh/id_ed25519"
- ];
+ sops.age.sshKeyPaths = [ "${homeDirectory}/.ssh/id_ed25519" ];
 mtls = {
 enable = true;
 subject = hostname;
diff --git a/modules/hosts/soteria/soteria.nix b/modules/hosts/soteria/soteria.nix
index 828d49a..f7bd678 100644
--- a/modules/hosts/soteria/soteria.nix
+++ b/modules/hosts/soteria/soteria.nix
@@ -7,11 +7,9 @@ in
 flake.nixosConfigurations."${hostname}" = inputs.nixpkgs.lib.nixosSystem {
 modules = with inputs.self.modules; [
 nixos.lxc
+ nixos."${username}"
 nixos.mysops
 nixos.step-ssh-host
- inputs.home-manager.nixosModules.home-manager
- nixos."${username}"
- nixos.zsh
 nixos.login-text
 # nixos.mtls
 # nixos.restic-server
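Review bot: In the `@@ -128,9 +129,7 @@` hunk of configuration.nix, `sops.age.sshKeyPaths` still points at john's personal login key, `"${homeDirectory}/.ssh/id_ed25519"`, so the host's sops secrets are decrypted with an identity that any process running as john can read. As far as I know, sops-nix cannot use a passphrase-protected SSH key here, which would mean this key has to sit unencrypted on disk. A host-scoped identity keeps the user key out of the system trust path, for example `sops.age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];` or a dedicated `sops.age.keyFile`, with the recipients of `secrets.yaml` updated to match. The enclosing module starts and ends outside the hunk, so an identity configured elsewhere cannot be ruled out.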
@@ -25,17 +23,19 @@ in
 step-ssh-host = {
 hostname = hostname;
 };
+ # This provides the secrets at install time
+ sops.defaultSopsFile = ./secrets.yaml;
 home-manager.users."${username}" = {
 imports = with inputs.self.modules; [
- homeManager"${hostname}"
+ homeManager."${hostname}"
 ];
 };
 }
 ];
 };
- flake.modules.homeManager."${hostname}" = { config, lib, pkgs, ... }: {
+ flake.modules.homeManager."${hostname}" = { config, pkgs, lib, ... }: {
 imports = with inputs.self.modules; [
 homeManager.rebuild
 homeManager.mysops
@@ -45,8 +45,6 @@ in
 ];
 homeManagerFlakeDir = "${config.xdg.configHome}/home-manager";
- home.username = "${username}";
- home.homeDirectory = "/home/${username}";
 shell.program = "zsh";
 docker.enable = true;
diff --git a/modules/nix-tools/user.nix b/modules/nix-tools/user.nix
index b25dc96..ab92f69 100644
--- a/modules/nix-tools/user.nix
+++ b/modules/nix-tools/user.nix
@@ -1,9 +1,19 @@
 # Lifted from:
 # https://github.com/Doc-Steve/dendritic-design-with-flake-parts/blob/69edacdb5a4a6ca71d649bb8eb62cf8c630c8627/modules/users/bob%20%5BNDn%5D/bob.nix#L8
-{ self, ... }:
+{ self, inputs, ... }:
 {
- config.flake.factory.user = username: isAdmin: {
+ config.flake.factory.user = {
+ username,
+ isAdmin ? false,
+ noPassword ? false,
+ # homeImports ? [ ],
+ # homePackages ? [ ],
+ }: {
 nixos."${username}" = { config, lib, pkgs, ... }: {
+ imports = [
+ inputs.home-manager.nixosModules.home-manager
+ ];
+
 users.users."${username}" = {
 isNormalUser = true;
 home = "/home/${username}";
@@ -22,7 +32,7 @@
 enable = true;
 extraRules = [{
 users = [ "${username}" ];
- commands = [{
+ commands = lib.mkIf noPassword [{
 command = "ALL";
 options = [ "NOPASSWD" ];
 }];
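Review bot: The comment added above `sops.defaultSopsFile = ./secrets.yaml;` in the `@@ -25,17 +23,19 @@` hunk of soteria.nix says the secrets are provided "at install time" but not which identity decrypts them, and no `sops.age.*` option is set in the visible lines. If that identity comes from `nixos.mysops` (not shown here), the comment should say so, for example `# Encrypted sops file for this host; the decryption identity is configured in nixos.mysops`. It is also worth confirming that `modules/hosts/soteria/secrets.yaml` is tracked in git and encrypted for this host's key, since this diff does not touch that file.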
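Review bot: The new attribute-set signature of `config.flake.factory.user` in the `@@ -1,9 +1,19 @@` hunk of user.nix has no comment describing its arguments, and `noPassword` is the one a caller most needs explained because it controls the `NOPASSWD` sudo rule further down. A one-line comment on the argument would make that clear at call sites, for example `# noPassword: add a sudo rule that lets this user run ALL commands without a password`. The commented-out `# homeImports ? [ ],` and `# homePackages ? [ ],` (and `# home.packages = homePackages;` in the `@@ -31,11 +41,10 @@` hunk) should be dropped or replaced by a TODO until they are implemented. The function body continues outside the hunk.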
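Review bot: In the `@@ -22,7 +32,7 @@` hunk of user.nix, `lib.mkIf noPassword` guards only `commands`, so with `noPassword = false` the `extraRules` entry for the user is still defined, just without commands; whether the sudo module accepts such an entry is not visible here. Guarding the whole list states the intent directly: `extraRules = lib.mkIf noPassword [{` with `commands = [{` left as it was. Because the rule grants `NOPASSWD` for `ALL`, which is root-equivalent for that account, it may also be worth tying it to `isAdmin`, as in `lib.mkIf (isAdmin && noPassword)`. The surrounding sudo block starts outside the hunk, so an existing `isAdmin` guard cannot be ruled out.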
@@ -31,11 +41,10 @@
 # https://github.com/Doc-Steve/dendritic-design-with-flake-parts/wiki/Dendritic_Aspects#multi-context-aspect
 home-manager.users."${username}" = {
+ imports = [ self.modules.homeManager."${username}" ];
 home.username = "${username}";
 home.homeDirectory = "/home/${username}";
- imports = [
- self.modules.homeManager."${username}"
- ];
+ # home.packages = homePackages;
 };
 };
 };
diff --git a/modules/services/docker.nix b/modules/services/docker.nix
index 727a11b..1937bdf 100644
--- a/modules/services/docker.nix
+++ b/modules/services/docker.nix
@@ -1,20 +1,13 @@
-{ inputs, ... }:
+{ self, inputs, ... }:
 {
 flake.modules.nixos.docker = {
- virtualisation.docker = {
- enable = true;
- };
- home-manager.sharedModules = with inputs.self.modules.homeManager; [
- docker
- ];
+ virtualisation.docker.enable = true;
+ home-manager.sharedModules = [ inputs.self.modules.homeManager.docker ];
 };
 flake.modules.homeManager.docker = { config, lib, pkgs, ... }: {
- options.docker = {
- enable = lib.mkEnableOption "Docker tools and utilities";
- };
-
+ options.docker.enable = lib.mkEnableOption "Docker tools and utilities";
 config = lib.mkIf config.docker.enable {
 programs.lazydocker.enable = true;
 programs.docker-cli.enable = true;
diff --git a/modules/users/john.nix b/modules/users/john.nix
index f668936..fa5fabf 100644
--- a/modules/users/john.nix
+++ b/modules/users/john.nix
@@ -1,4 +1,4 @@
-{ inputs, ... }:
+{ self, inputs, lib, ... }:
 let
 username = "john";
 in
@@ -16,28 +16,33 @@ in
 ];
 };
- flake.modules.nixos."${username}" = {
- imports = [
- inputs.home-manager.nixosModules.home-manager
- (inputs.self.factory.user username true).nixos."${username}"
- ];
- users.users."${username}" = {
- openssh.authorizedKeys.keys = inputs.self.meta.users."${username}".authorizedKeys;
- extraGroups = [ "docker" ];
- };
- };
+ flake.modules = lib.mkMerge [
+ (self.factory.user {
+ username = username;
+ isAdmin = true;
+ })
+ {
+ nixos."${username}" = {
+ imports = [
+ inputs.home-manager.nixosModules.home-manager
+ ];
+ users.users."${username}" = {
+ openssh.authorizedKeys.keys = inputs.self.meta.users."${username}".authorizedKeys;
+ };
+ };
- flake.modules.homeManager."${username}" = with inputs.self.meta.users."${username}"; {
- home.stateVersion = "25.11";
- xdg.enable = true;
-
- programs.git.settings.user.name = name;
- programs.git.settings.user.email = email;
-
- imports = with inputs.self.modules.homeManager; [
- ssh
- shell-tools
- git
- ];
- };
+ # This module will be imported by the user factory
+ homeManager."${username}" = with inputs.self.meta.users."${username}"; {
+ home.stateVersion = "25.11";
+ xdg.enable = true;
+ programs.git.settings.user.name = name;
+ programs.git.settings.user.email = email;
+ imports = with inputs.self.modules.homeManager; [
+ ssh
+ shell-tools
+ git
+ ];
+ };
+ }
+ ];
 }
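Review bot: The call `self.factory.user { username = username; isAdmin = true; }` in the `@@ -16,28 +16,33 @@` hunk of john.nix leaves `noPassword` at its default of `false`, and the new `nixos."${username}"` block no longer sets `extraGroups = [ "docker" ]`, so as far as the visible hunks show john loses both the `NOPASSWD` sudo rule and docker group membership. Both changes tighten privileges (docker group access is effectively root), but nothing in the commit states that this is intended, and sudo will now depend on the account having a password, which this diff does not show. Making the choice explicit at the call site would help: `noPassword = false; # sudo prompts for a password; docker group dropped on purpose`. The `imports = [ inputs.home-manager.nixosModules.home-manager ];` kept in this block also repeats the import the factory now adds.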