add sandbox users

Christoph Cullmann 2024-10-05 17:03:22 +02:00
parent a54573764a
commit 1035a6a785
No known key found for this signature in database
3 changed files with 69 additions and 21 deletions


@ -113,15 +113,6 @@ in
neededForBoot = true; neededForBoot = true;
}; };
# bind mount to have user homes
fileSystems."/home" =
{ device = "/data/home";
fsType = "none";
neededForBoot = true;
options = [ "bind" ];
depends = [ "/data" ];
};
# bind mount to have root home # bind mount to have root home
fileSystems."/root" = fileSystems."/root" =
{ device = "/data/root"; { device = "/data/root";


@ -126,13 +126,6 @@
enableZshIntegration = true; enableZshIntegration = true;
}; };
# enable keychain, we use the main user key
programs.keychain = {
enable = true;
enableZshIntegration = true;
keys = [ "/home/cullmann/.ssh/id_ed25519" ];
};
# https://github.com/nix-community/nix-direnv # https://github.com/nix-community/nix-direnv
programs.direnv = { programs.direnv = {
enable = true; enable = true;


@ -20,7 +20,6 @@ in
# #
# administrator # administrator
# #
users.root = { users.root = {
# init password # init password
hashedPassword = builtins.readFile "/data/nixos/secret/password.secret"; hashedPassword = builtins.readFile "/data/nixos/secret/password.secret";
@ -32,8 +31,10 @@ in
# #
# my main user # my main user
# #
users.cullmann = { users.cullmann = {
# home on persistent volume
home = "/data/home/cullmann";
# hard code UID for stability over machines # hard code UID for stability over machines
uid = 1000; uid = 1000;
@ -52,6 +53,42 @@ in
# use fixed auth keys # use fixed auth keys
openssh.authorizedKeys.keys = config.users.users.root.openssh.authorizedKeys.keys; openssh.authorizedKeys.keys = config.users.users.root.openssh.authorizedKeys.keys;
}; };
#
# sandbox for lutris and steam games
#
users.sandbox-games = {
# home on persistent volume
home = "/data/home/sandbox-games";
# hard code UID for stability over machines
# out of range of normal login users
uid = 32000;
# normal user
isNormalUser = true;
# sandbox user
description = "Sandbox Games";
};
#
# sandbox for kde development
#
users.sandbox-kde = {
# home on persistent volume
home = "/data/home/sandbox-kde";
# hard code UID for stability over machines
# out of range of normal login users
uid = 32001;
# normal user
isNormalUser = true;
# sandbox user
description = "Sandbox KDE";
};
}; };
# home manager settings # home manager settings
@ -62,8 +99,35 @@ in
# use global pkgs # use global pkgs
useGlobalPkgs = true; useGlobalPkgs = true;
# use shared home manager settings # root just with shared home manager settings
users.root = import ./home.nix; users.root = {
users.cullmann = import ./home.nix; # shared config
imports = [ ./home.nix ];
};
# main user with extra settings
users.cullmann = {
# shared config
imports = [ ./home.nix ];
# enable keychain, we use the main user key
programs.keychain = {
enable = true;
enableZshIntegration = true;
keys = [ "/data/home/cullmann/.ssh/id_ed25519" ];
};
};
# games user with extra settings
users.sandbox-games = {
# shared config
imports = [ ./home.nix ];
};
# kde user with extra settings
users.sandbox-kde = {
# shared config
imports = [ ./home.nix ];
};
}; };
} }
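Review bot: The two sandbox accounts (`users.sandbox-games`, `users.sandbox-kde`) set `isNormalUser = true` without a `group`, so NixOS puts them in the shared `users` group, the same default any other normal user gets; whether `users.cullmann` is one of those is not visible in this hunk. For accounts meant to contain games or development build trees, isolation then depends on nothing under `/data` being group-readable by `users`. I would give each sandbox its own primary group, e.g. `group = "sandbox-games";` with a matching group declaration, and pin `homeMode = "700";` on every home under `/data/home` so the boundary is explicit rather than a module default. Separately, the home-manager block imports the same `./home.nix` for both sandbox users as for root and the main user; its contents are not on this page, so it is worth confirming it carries no credentials, agent setup or tokens meant for the main account. The enclosing attribute sets start outside the hunks shown.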