john/jsl-home
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
de44f365fb79c132a73799b48996468b0fd2c789
jsl-home/flake.nix
John Lancaster de44f365fb shuffled root user options
2025-07-03 00:27:12 -05:00

93 lines
2.8 KiB
Nix
Raw Blame History

{
description = "Home Manager configuration flake for JSL";
inputs = {
nixpkgs.url = "github:nixos/nixpkgs/nixos-unstable";
home-manager = {
url = "github:nix-community/home-manager";
inputs.nixpkgs.follows = "nixpkgs";
};
_1password-shell-plugins.url = "github:1Password/shell-plugins";
};
outputs = { self, nixpkgs, ... }@inputs:
let
system = "x86_64-linux";
pkgs = nixpkgs.legacyPackages.${system};
lib = pkgs.lib;
userOptions = config: {
openssh.authorizedKeys.keyFiles = lib.optionals config.ssh [ ./personal_keys ];
extraGroups = lib.optionals config.root [ "wheel" ];
shell = lib.mkIf config.shell pkgs.zsh;
};
in
{
homeManagerModules.default = { ... }: {
imports = [
./nixosModules/options.nix
./home.nix
inputs._1password-shell-plugins.hmModules.default
];
nixpkgs.config.allowUnfreePredicate = pkg: builtins.elem (lib.getName pkg) [
"1password-cli"
];
home.packages = with pkgs; [
(writeShellScriptBin "nhmu" ''
nix flake update --flake ~/.config/home-manager
nix run home-manager -- switch --flake ~/.config/home-manager
'')
];
};
nixosModules.default = { config, ... }: {
imports = [
./nixosModules/options.nix
./nixosModules/scripts.nix
inputs.home-manager.nixosModules.default
];
nix.settings.trusted-users = [ "root" "@wheel" ];
users.users.${config.user} = {
isNormalUser = true;
} // userOptions config;
users.users.root = lib.mkIf config.root (userOptions config);
security.sudo-rs = lib.mkIf config.root {
enable = true;
execWheelOnly = false;
wheelNeedsPassword = false;
extraConfig = "Defaults timestamp_timeout=1440";
};
programs.zsh.enable = lib.mkIf config.shell true;
home-manager = {
useUserPackages = true;
extraSpecialArgs = { inherit inputs; };
users = {
${config.user} = {
imports = [
self.homeManagerModules.default {
user = config.user;
stateVersion = config.stateVersion;
profile = config.profile;
shell = config.shell;
ssh = config.ssh;
_1password = config._1password;
}
] ++ config.extraImports;
};
} // lib.optionalAttrs config.root {
root = {
home.stateVersion = config.stateVersion;
programs.git = {
extraConfig.credential.helper = "store --file ~/.git-credentials";
};
};
};
};
};
};
}
Reference in New Issue View Git Blame Copy Permalink