
commit 9585a26bb5be65be1166665c933baae17db76a54
parent 8514595a5bc1b90b8ffc0c5024a809755ee005f1
Author: Vincent Demeester <vincent@sbr.pm>
Date:   Mon, 25 May 2020 18:01:42 +0200

users: add an options to load machines.nix

Signed-off-by: Vincent Demeester <vincent@sbr.pm>

Diffstat:
Mmodules/profiles/users.nixos.nix | 93+++++++++++++++++++++++++++++++++++++++++++++----------------------------------
Msystems/hokkaido.nix | 1+
Msystems/wakasu.nix | 7+++++++
3 files changed, 61 insertions(+), 40 deletions(-)

diff --git a/modules/profiles/users.nixos.nix b/modules/profiles/users.nixos.nix 
@@ -18,49 +18,62 @@ in type = types.str; }; # add more options (like openssh keys and config) + withMachines = mkOption { + default = true; + description = "Load machines.nix"; + type = types.bool; + }; }; }; - config = mkIf cfg.enable { - users = { - extraUsers = { - ${cfg.user} = { - isNormalUser = true; - uid = 1000; - createHome = true; - extraGroups = [ "wheel" "input" ] ++ optionals config.profiles.desktop.enable [ "audio" "video" "lp" "scanner" "networkmanager" ] - ++ optionals config.profiles.docker.enable [ "docker" ] - ++ optionals config.profiles.buildkit.enable [ "buildkit" ] - ++ optionals config.profiles.virtualization.enable [ "libvirtd" "vboxusers" ]; - shell = if config.programs.fish.enable then pkgs.fish else pkgs.zsh; - initialPassword = "changeMe"; + config = mkIf cfg.enable (mkMerge [ + { + users = { + extraUsers = { + ${cfg.user} = { + isNormalUser = true; + uid = 1000; + createHome = true; + extraGroups = [ "wheel" "input" ] ++ optionals config.profiles.desktop.enable [ "audio" "video" "lp" "scanner" "networkmanager" ] + ++ optionals config.profiles.docker.enable [ "docker" ] + ++ optionals config.profiles.buildkit.enable [ "buildkit" ] + ++ optionals config.profiles.virtualization.enable [ "libvirtd" "vboxusers" ]; + shell = if config.programs.fish.enable then pkgs.fish else pkgs.zsh; + initialPassword = "changeMe"; + subUidRanges = [{ startUid = 100000; count = 65536; }]; + subGidRanges = [{ startGid = 100000; count = 65536; }]; + }; + }; + }; + } + ( + mkIf cfg.withMachines { + users.extraUsers."${cfg.user}" = { openssh.authorizedKeys.keys = with import ../../assets/machines.nix; [ ssh.yubikey.key ssh.yubikey5.key ssh.wakasu.key ssh.vincent.key ssh.houbeb.key ssh.hokkaido.key ssh.okinawa.key ]; - subUidRanges = [{ startUid = 100000; count = 65536; }]; - subGidRanges = [{ startGid = 100000; count = 65536; }]; }; - }; - }; - programs.ssh.extraConfig = with import ../../assets/machines.nix; '' - Host kerkouane kerkouane.sbr.pm - Hostname 
kerkouane.sbr.pm - Port ${toString ssh.kerkouane.port} - Host kerkouane.vpn ${wireguard.ips.kerkouane} - Hostname ${wireguard.ips.kerkouane} - Port ${toString ssh.kerkouane.port} - Host carthage carthage.sbr.pm - Hostname carthage.sbr.pm - Port ${toString ssh.carthage.port} - Host carthage.vpn ${wireguard.ips.carthage} - Hostname ${wireguard.ips.carthage} - Port ${toString ssh.carthage.port} - Host hokkaido.vpn ${wireguard.ips.hokkaido} - Hostname ${wireguard.ips.hokkaido} - Host honshu.vpn ${wireguard.ips.honshu} - Hostname ${wireguard.ips.honshu} - Host okinawa.vpn ${wireguard.ips.okinawa} - Hostname ${wireguard.ips.okinawa} - Host wakasu.vpn ${wireguard.ips.wakasu} - Hostname ${wireguard.ips.wakasu} - ''; - }; + programs.ssh.extraConfig = with import ../../assets/machines.nix; '' + Host kerkouane kerkouane.sbr.pm + Hostname kerkouane.sbr.pm + Port ${toString ssh.kerkouane.port} + Host kerkouane.vpn ${wireguard.ips.kerkouane} + Hostname ${wireguard.ips.kerkouane} + Port ${toString ssh.kerkouane.port} + Host carthage carthage.sbr.pm + Hostname carthage.sbr.pm + Port ${toString ssh.carthage.port} + Host carthage.vpn ${wireguard.ips.carthage} + Hostname ${wireguard.ips.carthage} + Port ${toString ssh.carthage.port} + Host hokkaido.vpn ${wireguard.ips.hokkaido} + Hostname ${wireguard.ips.hokkaido} + Host honshu.vpn ${wireguard.ips.honshu} + Hostname ${wireguard.ips.honshu} + Host okinawa.vpn ${wireguard.ips.okinawa} + Hostname ${wireguard.ips.okinawa} + Host wakasu.vpn ${wireguard.ips.wakasu} + Hostname ${wireguard.ips.wakasu} + ''; + } + ) + ]); } diff --git a/systems/hokkaido.nix b/systems/hokkaido.nix @@ -16,6 +16,7 @@ in ]; profiles.home = enableHome; + profiles.users.withMachines = enableHome; networking = { hostName = "hokkaido"; diff --git a/systems/wakasu.nix b/systems/wakasu.nix @@ -18,6 +18,7 @@ in ]; profiles.home = enableHome; + profiles.users.withMachines = enableHome; networking = { hostName = "wakasu"; 
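Review bot: With `withMachines = false`, the first `mkMerge` element in modules/profiles/users.nixos.nix still creates a `wheel` account whose only credential is the literal `initialPassword = "changeMe"`, because `openssh.authorizedKeys.keys` is now set only inside the `mkIf cfg.withMachines` branch. Whether that password is usable for remote login depends on sshd settings that are not visible in this hunk, but a host built without machines.nix should not fall back to a password that is published in the repository. Consider making the password an option, or adding an assertion that a `hashedPassword` or at least one authorized key is set when `withMachines` is off. The option text `"Load machines.nix"` would also be clearer as `description = "Add SSH authorized keys and SSH client host entries from assets/machines.nix";`.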
@@ -38,6 +39,12 @@ in home.packages = with pkgs; [ htop ]; }; + # FIXME: ain't true + fileSystems."/" = + { + device = "/dev/disk/by-uuid/884a3d57-f652-49b2-9c8b-f6eebd5edbeb"; + fsType = "ext4"; + }; # FIXME: move this away profiles.nix-config.enable = false; home-manager.useGlobalPkgs = true;
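Review bot: The added `fileSystems."/"` entry in systems/wakasu.nix is marked only `# FIXME: ain't true`, which says the device is wrong but not why the entry exists or what must replace it. If this configuration were activated as written, the root mount would point at a UUID the author states is not the real one. A more useful comment would be `# FIXME: placeholder root device, replace with the real by-uuid path from the host's hardware configuration before deploying`. The entry is presumably there only so the configuration evaluates, and it is unrelated to the `withMachines` option, so it would be easier to track in its own commit.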