From 5fb5fe1f6bf072f00ef760c85f11cf0955ed86e9 Mon Sep 17 00:00:00 2001 From: Christoph Cullmann Date: Thu, 27 Jun 2024 20:37:20 +0200 Subject: [PATCH] separate the settings --- common.nix | 118 ++--------------------------------------------------- home.nix | 62 ++++++++++++++++++++++++++++ users.nix | 51 +++++++++++++++++++++++ 3 files changed, 116 insertions(+), 115 deletions(-) create mode 100644 home.nix create mode 100644 users.nix diff --git a/common.nix b/common.nix index e167a01..f5ca1d3 100644 --- a/common.nix +++ b/common.nix @@ -15,6 +15,9 @@ in # home manager for per user config "${home-manager}/nixos" + + # our users + "/data/nixos/users.nix" ]; # This value determines the NixOS release from which the default @@ -510,7 +513,6 @@ in # use ZSH per default programs.zsh.enable = true; - users.defaultUserShell = pkgs.zsh; environment.shells = with pkgs; [ zsh ]; # use micro as default terminal editor @@ -527,118 +529,4 @@ in security.sudo.extraConfig = '' Defaults lecture = never ''; - - ### - ### per user configuration below - ### - - # all users and passwords are defined here - users.mutableUsers = false; - - # - # administrator - # - - users.users.root = { - # init password - hashedPassword = builtins.readFile "/data/nixos/password.secret"; - - # use fixed auth keys - openssh.authorizedKeys.keys = pkgs.lib.splitString "\n" (builtins.readFile "/data/nixos/authorized_keys.secret"); - }; - - home-manager.users.root = { - # initial version - home.stateVersion = "22.11"; - - # basic ZSH - programs.zsh.enable = true; - }; - - # - # my main user - # - - users.users.cullmann = { - # hard code UID for stability over machines - uid = 1000; - - # normal user - isNormalUser = true; - - # it's me :P - description = "Christoph Cullmann"; - - # allow VirtualBox and sudo for my main user - extraGroups = [ "vboxusers" "wheel" ]; - - # init password - hashedPassword = config.users.users.root.hashedPassword; - - # use fixed auth keys - openssh.authorizedKeys.keys = config.users.users.root.openssh.authorizedKeys.keys; - }; - - home-manager.users.cullmann = { - # initial version - home.stateVersion = "22.11"; - - # ZSH with some nice prompt and extra main user configuration - programs.zsh = { - # zsh with extras wanted - enable = true; - enableCompletion = true; - autosuggestion.enable = true; - history.share = false; - syntaxHighlighting.enable = true; - - # aliases - shellAliases = { - # system build/update/cleanup - update = "sudo TMPDIR=/var/cache/nix nixos-rebuild boot"; - upgrade = "sudo TMPDIR=/var/cache/nix nixos-rebuild boot --upgrade"; - updatenow = "sudo TMPDIR=/var/cache/nix nixos-rebuild switch"; - upgradenow = "sudo TMPDIR=/var/cache/nix nixos-rebuild switch --upgrade"; - gc = "sudo nix-collect-garbage --delete-older-than 7d"; - verify = "sudo nix --extra-experimental-features nix-command store verify --all"; - optimize = "sudo nix --extra-experimental-features nix-command store optimise"; - - # overwrite some tools - cat = "bat"; - ls = "lsd"; - - # ssh around in the local network - mac = "ssh mac.fritz.box"; - macroot = "ssh root@mac.fritz.box"; - mini = "ssh mini.fritz.box"; - miniroot = "ssh root@mini.fritz.box"; - neko = "ssh neko.fritz.box"; - nekoroot = "ssh root@neko.fritz.box"; - }; - }; - - # nice prompt - programs.oh-my-posh = { - enable = true; - useTheme = "slim"; - }; - - # nice cd - programs.zoxide = { - enable = true; - options = [ "--cmd" "cd" ]; - }; - - # enable keychain - programs.keychain = { - enable = true; - keys = [ "id_ed25519" ]; - }; - - # https://github.com/nix-community/nix-direnv - programs.direnv = { - enable = true; - nix-direnv.enable = true; - }; - }; } diff --git a/home.nix b/home.nix new file mode 100644 index 0000000..8b2eb73 --- /dev/null +++ b/home.nix @@ -0,0 +1,62 @@ +{ + # initial version + home.stateVersion = "22.11"; + + # ZSH with some nice prompt and extra main user configuration + programs.zsh = { + # zsh with extras wanted + enable = true; + enableCompletion = true; + autosuggestion.enable = true; + history.share = false; + syntaxHighlighting.enable = true; + + # aliases + shellAliases = { + # system build/update/cleanup + update = "sudo TMPDIR=/var/cache/nix nixos-rebuild boot"; + upgrade = "sudo TMPDIR=/var/cache/nix nixos-rebuild boot --upgrade"; + updatenow = "sudo TMPDIR=/var/cache/nix nixos-rebuild switch"; + upgradenow = "sudo TMPDIR=/var/cache/nix nixos-rebuild switch --upgrade"; + gc = "sudo nix-collect-garbage --delete-older-than 7d"; + verify = "sudo nix --extra-experimental-features nix-command store verify --all"; + optimize = "sudo nix --extra-experimental-features nix-command store optimise"; + + # overwrite some tools + cat = "bat"; + ls = "lsd"; + + # ssh around in the local network + mac = "ssh mac.fritz.box"; + macroot = "ssh root@mac.fritz.box"; + mini = "ssh mini.fritz.box"; + miniroot = "ssh root@mini.fritz.box"; + neko = "ssh neko.fritz.box"; + nekoroot = "ssh root@neko.fritz.box"; + }; + }; + + # nice prompt + programs.oh-my-posh = { + enable = true; + useTheme = "slim"; + }; + + # nice cd + programs.zoxide = { + enable = true; + options = [ "--cmd" "cd" ]; + }; + + # enable keychain, we use the main user key + programs.keychain = { + enable = true; + keys = [ "/home/cullmann/.ssh/id_ed25519" ]; + }; + + # https://github.com/nix-community/nix-direnv + programs.direnv = { + enable = true; + nix-direnv.enable = true; + }; +} diff --git a/users.nix b/users.nix new file mode 100644 index 0000000..44c5283 --- /dev/null +++ b/users.nix @@ -0,0 +1,51 @@ +{ config, pkgs, ... }: + +{ + users = { + # all users and passwords are defined here + mutableUsers = false; + + # default shell is ZSH + defaultUserShell = pkgs.zsh; + + # + # administrator + # + + users.root = { + # init password + hashedPassword = builtins.readFile "/data/nixos/password.secret"; + + # use fixed auth keys + openssh.authorizedKeys.keys = pkgs.lib.splitString "\n" (builtins.readFile "/data/nixos/authorized_keys.secret"); + }; + + # + # my main user + # + + users.cullmann = { + # hard code UID for stability over machines + uid = 1000; + + # normal user + isNormalUser = true; + + # it's me :P + description = "Christoph Cullmann"; + + # allow VirtualBox and sudo for my main user + extraGroups = [ "vboxusers" "wheel" ]; + + # init password + hashedPassword = config.users.users.root.hashedPassword; + + # use fixed auth keys + openssh.authorizedKeys.keys = config.users.users.root.openssh.authorizedKeys.keys; + }; + }; + + # use shared home manager settings for all users + home-manager.users.root = import ./home.nix; + home-manager.users.cullmann = import ./home.nix; +}