fix: Ensure all users are read from and that the config is shared between module levels

UGA Innovation Factory
2026-01-13 20:56:30 -05:00
parent ffa434e720
commit 1c767ed4c8
11 changed files with 52 additions and 47 deletions


@@ -62,7 +62,7 @@
}; };
outputs = outputs =
inputs@{ flake-parts, ... }: inputs@{ self, flake-parts, ... }:
flake-parts.lib.mkFlake { inherit inputs; } { flake-parts.lib.mkFlake { inherit inputs; } {
# Support all common systems # Support all common systems
systems = [ systems = [
@@ -84,4 +84,5 @@
./users.nix ./users.nix
]; ];
}; };
} }


@@ -2,6 +2,8 @@
inputs, inputs,
lib, lib,
config, config,
self ? null,
users ? {},
... ...
}: }:
@@ -139,13 +141,19 @@ let
typeModule typeModule
overrideModule overrideModule
{ networking.hostName = hostName; } { networking.hostName = hostName; }
{
# Inject user definitions from flake-parts level
config.athenix.users = lib.mapAttrs (_: user: lib.mapAttrs (_: lib.mkDefault) user) users;
}
] ]
++ lib.optional (externalModulePath != null) externalPathModule; ++ lib.optional (externalModulePath != null) externalPathModule;
in in
{ {
system = lib.nixosSystem { system = lib.nixosSystem {
inherit system; inherit system;
specialArgs = { inherit inputs; }; specialArgs = {
inputs = if self != null then inputs // { inherit self; } else inputs;
};
modules = allModules; modules = allModules;
}; };
modules = allModules; modules = allModules;
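Review bot: The injected `config.athenix.users` module wraps every field of every flake-level user in `lib.mkDefault`, which changes how list-valued fields combine with host-level settings. The module system keeps only the highest-priority definitions, so a host or external module that sets `opensshKeys` or `extraGroups` at normal priority replaces the fleet-level list instead of extending it, and the effective authorized keys and group memberships depend on where the value was set. If that precedence is intended, state it on the block, e.g. `# mkDefault per field: a host-level value for a list option (opensshKeys, extraGroups) replaces the fleet list, it does not append`. The surrounding `let` and the start of the module list lie outside this hunk, so the other entries of `allModules` were not reviewed.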


@@ -172,7 +172,6 @@ in
}; };
users = lib.mkOption { users = lib.mkOption {
type = lib.types.attrsOf userSubmodule; type = lib.types.attrsOf userSubmodule;
default = { };
description = "User accounts configuration. Set enable=true for users that should exist on this system."; description = "User accounts configuration. Set enable=true for users that should exist on this system.";
}; };
}; };


@@ -33,41 +33,34 @@ let
in in
{ {
config = { config = {
# Generate NixOS users # Generate NixOS users
users.users = users.users =
let let
enabledAccounts = lib.filterAttrs (_: user: user.enable) config.athenix.users; enabledAccounts = lib.filterAttrs (_: user: user.enable) config.athenix.users;
in in
lib.mapAttrs ( lib.mapAttrs (
name: user: name: user:
let let
isPlasma6 = config.services.desktopManager.plasma6.enable; isPlasma6 = config.services.desktopManager.plasma6.enable;
defaultPackages = lib.optionals (isPlasma6 && name != "root") [ pkgs.kdePackages.kate ]; defaultPackages = lib.optionals (isPlasma6 && name != "root") [ pkgs.kdePackages.kate ];
finalPackages = lib.subtractLists user.excludePackages (defaultPackages ++ user.extraPackages); finalPackages = lib.subtractLists user.excludePackages (defaultPackages ++ user.extraPackages);
shells = { shells = {
bash = pkgs.bash; bash = pkgs.bash;
zsh = pkgs.zsh; zsh = pkgs.zsh;
fish = pkgs.fish; fish = pkgs.fish;
tcsh = pkgs.tcsh; tcsh = pkgs.tcsh;
}; };
in in
rec { rec {
inherit (user) isNormalUser extraGroups hashedPassword; isNormalUser = user.isNormalUser;
description = if user.description != null then user.description else lib.mkDefault ""; inherit (user) extraGroups hashedPassword;
openssh.authorizedKeys.keys = user.opensshKeys; description = if user.description != null then user.description else lib.mkDefault "";
shell = if user.shell != null then shells.${user.shell} else pkgs.bash; openssh.authorizedKeys.keys = user.opensshKeys;
packages = finalPackages ++ [ shell ]; shell = if user.shell != null then shells.${user.shell} else pkgs.bash;
group = if user.isNormalUser then name else lib.mkDefault "root"; packages = finalPackages ++ [ shell ];
} }
) enabledAccounts; ) enabledAccounts;
# Generate user groups for normal users
users.groups =
let
enabledAccounts = lib.filterAttrs (_: user: user.enable) config.athenix.users;
normalUsers = lib.filterAttrs (_: user: user.isNormalUser) enabledAccounts;
in
lib.mapAttrs (_: _: { }) normalUsers;
# Home Manager configs per user # Home Manager configs per user
home-manager = { home-manager = {
@@ -133,7 +126,7 @@ in
# Always set these required options # Always set these required options
home.username = name; home.username = name;
home.homeDirectory = if name == "root" then "/root" else "/home/${name}"; home.homeDirectory = lib.mkOverride 999 (if name == "root" then "/root" else "/home/${name}");
home.stateVersion = "25.11"; home.stateVersion = "25.11";
programs.${user.editor} = { programs.${user.editor} = {
enable = true; enable = true;
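Review bot: The rewritten `users.users` attrset no longer sets `group`, and the `users.groups` block that created one group per normal user is removed, so enabled accounts now get whatever group NixOS assigns by default. For `isNormalUser = true` that is, as far as I know, the shared `users` group, so group ownership no longer separates one account's files from another's the way the per-user groups did. Enabled accounts with `isNormalUser = false` other than root may also trip the NixOS assertion that `group` is unset. If the shared group is intended, say so next to the attrset with `# group is left to the NixOS default (shared "users" group for normal users)`; otherwise keep `group = lib.mkDefault name;` together with the matching `users.groups` entry. The `config` block continues past the end of both hunks.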


@@ -3,6 +3,7 @@
fleet, fleet,
self, self,
system, system,
users ? {},
}: }:
# This file defines the logic for generating various build artifacts (ISOs, Netboot, LXC, etc.) # This file defines the logic for generating various build artifacts (ISOs, Netboot, LXC, etc.)
# It exports a set of packages that can be built using `nix build .#<artifact-name>` # It exports a set of packages that can be built using `nix build .#<artifact-name>`
@@ -29,6 +30,7 @@ let
hostName hostName
targetSystemBuild targetSystemBuild
diskoScript diskoScript
users
; ;
hostPlatform = system; hostPlatform = system;
}; };
@@ -46,6 +48,9 @@ let
inherit system; inherit system;
specialArgs = { inherit inputs; }; specialArgs = { inherit inputs; };
modules = fleet.modules.${hostName} ++ [ modules = fleet.modules.${hostName} ++ [
{
config.athenix.users = lib.mapAttrs (_: user: lib.mapAttrs (_: lib.mkDefault) user) users;
}
{ {
disko.enableConfig = lib.mkForce false; disko.enableConfig = lib.mkForce false;
services.upower.enable = lib.mkForce false; services.upower.enable = lib.mkForce false;
@@ -63,6 +68,9 @@ let
specialArgs = { inherit inputs; }; specialArgs = { inherit inputs; };
modules = fleet.modules.${hostName} ++ [ modules = fleet.modules.${hostName} ++ [
"${nixpkgs}/nixos/modules/installer/netboot/netboot.nix" "${nixpkgs}/nixos/modules/installer/netboot/netboot.nix"
{
config.athenix.users = lib.mapAttrs (_: user: lib.mapAttrs (_: lib.mkDefault) user) users;
}
{ {
disko.enableConfig = lib.mkForce false; disko.enableConfig = lib.mkForce false;
services.upower.enable = lib.mkForce false; services.upower.enable = lib.mkForce false;
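Review bot: The ISO and netboot module lists each append the same `config.athenix.users = lib.mapAttrs ...` block to `fleet.modules.${hostName}`, and that list presumably already carries the identical block added to the fleet module in this commit, since the fleet is built with the same `users`. Definitions at the same `mkDefault` priority are merged, so list-typed fields such as `opensshKeys` and `extraGroups` would be concatenated with themselves, and a later change to one copy would silently diverge from the others. Consider dropping the extra block here, or binding it once, `userDefaults = { config.athenix.users = lib.mapAttrs (_: u: lib.mapAttrs (_: lib.mkDefault) u) users; };`, and referencing `userDefaults` in both lists. Both `nixosSystem` calls start and end outside the visible hunks.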


@@ -132,7 +132,6 @@
rev = "dab32f5884895cead0fae28cb7d88d17951d0c12"; rev = "dab32f5884895cead0fae28cb7d88d17951d0c12";
submodules = true; submodules = true;
}; };
"usda-dash".athenix.users.engr-ugaif.enable = true;
}; };
overrides = { overrides = {
athenix.host.useHostPrefix = false; athenix.host.useHostPrefix = false;


@@ -4,7 +4,9 @@
inputs, inputs,
lib, lib,
config, config,
self ? null,
users ? {},
}: }:
import ../fleet/default.nix { import ../fleet/default.nix {
inherit inputs lib config; inherit inputs lib config self users;
} }


@@ -3,7 +3,6 @@
inputs, inputs,
self, self,
lib, lib,
pkgs,
config, config,
... ...
}: }:
@@ -14,7 +13,8 @@
flake.nixosConfigurations = flake.nixosConfigurations =
let let
fleet = self.lib.mkFleet { inherit inputs lib config; }; users = config.athenix.users;
fleet = self.lib.mkFleet { inherit inputs lib config self users; };
in in
fleet.nixosConfigurations; fleet.nixosConfigurations;
} }


@@ -12,13 +12,15 @@
lib.mkIf (system == "x86_64-linux") { lib.mkIf (system == "x86_64-linux") {
packages = packages =
let let
fleet = self.lib.mkFleet { inherit inputs lib config; }; users = config.athenix.users;
fleet = self.lib.mkFleet { inherit inputs lib config self users; };
artifacts = import ../installer/artifacts.nix { artifacts = import ../installer/artifacts.nix {
inherit inherit
inputs inputs
fleet fleet
self self
system system
users
; ;
}; };
in in


@@ -1,7 +0,0 @@
# Flake-parts wrapper for users.nix
{ inputs, ... }:
let
# Minimal pkgs just for shell paths - will be overridden in actual NixOS configs
pkgs = inputs.nixpkgs.legacyPackages.x86_64-linux;
in
import ../users.nix { inherit pkgs; }


@@ -1,4 +1,4 @@
{ ... }: { lib, inputs, config, ... }:
{ {
# ============================================================================ # ============================================================================
# User Definitions # User Definitions
@@ -26,7 +26,7 @@
# #
# User options can be set in users.nix OR in the external module's user.nix. # User options can be set in users.nix OR in the external module's user.nix.
# External module options take precedence over users.nix defaults. # External module options take precedence over users.nix defaults.
athenix.users = { config.athenix.users = {
root = { root = {
isNormalUser = false; isNormalUser = false;
hashedPassword = "!"; hashedPassword = "!";