From 7ac453e1f7f04fe44248fcf2703c75fb2aa00e1a Mon Sep 17 00:00:00 2001 From: UGA Innovation Factory Date: Tue, 16 Dec 2025 14:35:02 -0500 Subject: [PATCH] fix: Change how enabled users are handled --- hosts/default.nix | 7 +++-- hosts/types/nix-desktop.nix | 16 +++++------ hosts/types/nix-ephemeral.nix | 20 +++++++------- hosts/types/nix-laptop.nix | 22 +++++++-------- hosts/types/nix-lxc.nix | 14 +++++----- hosts/types/nix-surface.nix | 26 +++++++++--------- hosts/user-config.nix | 50 +++++++++++++++-------------------- installer/modules.nix | 36 ++++++++++++------------- sw/default.nix | 8 +++--- users.nix | 7 ++++- 10 files changed, 102 insertions(+), 104 deletions(-) diff --git a/hosts/default.nix b/hosts/default.nix index d2159fd..1766d35 100644 --- a/hosts/default.nix +++ b/hosts/default.nix @@ -43,7 +43,7 @@ let # Load users.nix to find external user flakes pkgs = nixpkgs.legacyPackages.${system}; usersData = import ../users.nix { inherit pkgs; }; - accounts = usersData.ugaif.users.accounts or { }; + accounts = usersData.ugaif.users or { }; # Extract flakeUrls and convert to modules userFlakeModules = lib.mapAttrsToList ( @@ -87,7 +87,10 @@ let ]; specialConfig = lib.mkMerge [ (lib.optionalAttrs (configOverrides ? extraUsers) { - ugaif.users.enabledUsers = configOverrides.extraUsers; + # Enable each user in the extraUsers list + ugaif.users = lib.genAttrs configOverrides.extraUsers (_: { + enable = true; + }); }) (lib.optionalAttrs (configOverrides ? buildMethods) { ugaif.host.buildMethods = configOverrides.buildMethods; diff --git a/hosts/types/nix-desktop.nix b/hosts/types/nix-desktop.nix index c30f5e0..70e146b 100644 --- a/hosts/types/nix-desktop.nix +++ b/hosts/types/nix-desktop.nix 
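Review bot: In hosts/default.nix (`specialConfig`), `lib.genAttrs configOverrides.extraUsers (_: { enable = true; })` defines an entry for every name in the list, so a misspelled or undeclared name is no longer dropped the way it was by the old `lib.filterAttrs` over `accounts`. Such a name presumably becomes a `users.users` entry built only from the submodule defaults, which are mostly outside this patch. The same applies to the `${config.ugaif.forUser}.enable = true` definition in hosts/user-config.nix. If the `accounts` binding from the earlier hunk is in scope here, the names can be checked before they are enabled, for example `assert lib.assertMsg (lib.all (u: accounts ? ${u}) configOverrides.extraUsers) "extraUsers contains a user not declared in users.nix";`. The enclosing `let` starts and ends outside the hunk, so the check may belong on the merged `config.ugaif.users` instead.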
@@ -20,20 +20,20 @@ # ========== Boot Configuration ========== boot.initrd.availableKernelModules = [ - "xhci_pci" # USB 3.0 support - "nvme" # NVMe SSD support + "xhci_pci" # USB 3.0 support + "nvme" # NVMe SSD support "usb_storage" # USB storage devices - "sd_mod" # SD card support - "sdhci_pci" # SD card host controller + "sd_mod" # SD card support + "sdhci_pci" # SD card host controller ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; # Intel virtualization support boot.extraModulePackages = [ ]; boot.kernelParams = [ - "quiet" # Minimal boot messages - "splash" # Show Plymouth boot splash - "boot.shell_on_fail" # Emergency shell on boot failure - "udev.log_priority=3" # Reduce udev logging + "quiet" # Minimal boot messages + "splash" # Show Plymouth boot splash + "boot.shell_on_fail" # Emergency shell on boot failure + "udev.log_priority=3" # Reduce udev logging "rd.systemd.show_status=auto" # Show systemd status during boot ]; diff --git a/hosts/types/nix-ephemeral.nix b/hosts/types/nix-ephemeral.nix index c3363ee..3943433 100644 --- a/hosts/types/nix-ephemeral.nix +++ b/hosts/types/nix-ephemeral.nix 
@@ -20,20 +20,20 @@ # ========== Boot Configuration ========== boot.initrd.availableKernelModules = [ - "xhci_pci" # USB 3.0 support - "nvme" # NVMe support + "xhci_pci" # USB 3.0 support + "nvme" # NVMe support "usb_storage" # USB storage devices - "sd_mod" # SD card support - "sdhci_pci" # SD card host controller + "sd_mod" # SD card support + "sdhci_pci" # SD card host controller ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; # Intel virtualization support boot.extraModulePackages = [ ]; boot.kernelParams = [ - "quiet" # Minimal boot messages - "splash" # Show Plymouth boot splash - "boot.shell_on_fail" # Emergency shell on boot failure - "udev.log_priority=3" # Reduce udev logging + "quiet" # Minimal boot messages + "splash" # Show Plymouth boot splash + "boot.shell_on_fail" # Emergency shell on boot failure + "udev.log_priority=3" # Reduce udev logging "rd.systemd.show_status=auto" # Show systemd status during boot ]; @@ -42,8 +42,8 @@ ugaif.host.filesystem.swapSize = lib.mkForce "0G"; ugaif.host.filesystem.device = lib.mkForce "/dev/null"; # Dummy device ugaif.host.buildMethods = lib.mkDefault [ - "iso" # Live ISO image - "ipxe" # Network boot + "iso" # Live ISO image + "ipxe" # Network boot ]; # Disable disk management for RAM-only systems diff --git a/hosts/types/nix-laptop.nix b/hosts/types/nix-laptop.nix index 54c2e0a..6426f04 100644 --- a/hosts/types/nix-laptop.nix +++ b/hosts/types/nix-laptop.nix 
@@ -20,25 +20,25 @@ # ========== Boot Configuration ========== boot.initrd.availableKernelModules = [ - "xhci_pci" # USB 3.0 support + "xhci_pci" # USB 3.0 support "thunderbolt" # Thunderbolt support - "nvme" # NVMe SSD support + "nvme" # NVMe SSD support "usb_storage" # USB storage devices - "sd_mod" # SD card support - "sdhci_pci" # SD card host controller + "sd_mod" # SD card support + "sdhci_pci" # SD card host controller ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; # Intel virtualization support boot.extraModulePackages = [ ]; boot.kernelParams = [ - "quiet" # Minimal boot messages - "splash" # Show Plymouth boot splash - "boot.shell_on_fail" # Emergency shell on boot failure - "udev.log_priority=3" # Reduce udev logging + "quiet" # Minimal boot messages + "splash" # Show Plymouth boot splash + "boot.shell_on_fail" # Emergency shell on boot failure + "udev.log_priority=3" # Reduce udev logging "rd.systemd.show_status=auto" # Show systemd status during boot - "i915.enable_psr=0" # Disable Panel Self Refresh (stability) - "i915.enable_dc=0" # Disable display power saving - "i915.enable_fbc=0" # Disable framebuffer compression + "i915.enable_psr=0" # Disable Panel Self Refresh (stability) + "i915.enable_dc=0" # Disable display power saving + "i915.enable_fbc=0" # Disable framebuffer compression ]; # ========== Hardware Configuration ========== diff --git a/hosts/types/nix-lxc.nix b/hosts/types/nix-lxc.nix index b19ec02..cc8790d 100644 --- a/hosts/types/nix-lxc.nix +++ b/hosts/types/nix-lxc.nix 
@@ -31,30 +31,30 @@ # ========== Container-Specific Configuration ========== boot.isContainer = true; boot.loader.systemd-boot.enable = lib.mkForce false; # No bootloader in container - disko.enableConfig = lib.mkForce false; # No disk management in container + disko.enableConfig = lib.mkForce false; # No disk management in container console.enable = true; - + # Allow getty to work in containers systemd.services."getty@".unitConfig.ConditionPathExists = [ "" "/dev/%I" ]; - + # Suppress unnecessary systemd units for containers systemd.suppressedSystemUnits = [ "dev-mqueue.mount" "sys-kernel-debug.mount" "sys-fs-fuse-connections.mount" ]; - + # ========== Remote Development ========== services.vscode-server.enable = true; - + # ========== System Configuration ========== system.stateVersion = "25.11"; ugaif.host.buildMethods = lib.mkDefault [ - "lxc" # LXC container tarball - "proxmox" # Proxmox VMA archive + "lxc" # LXC container tarball + "proxmox" # Proxmox VMA archive ]; ugaif.sw.enable = lib.mkDefault true; diff --git a/hosts/types/nix-surface.nix b/hosts/types/nix-surface.nix index 95cb49a..7d05478 100644 --- a/hosts/types/nix-surface.nix +++ b/hosts/types/nix-surface.nix 
@@ -30,26 +30,26 @@ in # ========== Boot Configuration ========== boot.initrd.availableKernelModules = [ - "xhci_pci" # USB 3.0 support - "nvme" # NVMe support (though Surface uses eMMC) + "xhci_pci" # USB 3.0 support + "nvme" # NVMe support (though Surface uses eMMC) "usb_storage" # USB storage devices - "sd_mod" # SD card support - "sdhci_pci" # SD card host controller + "sd_mod" # SD card support + "sdhci_pci" # SD card host controller ]; boot.initrd.kernelModules = [ ]; boot.kernelModules = [ "kvm-intel" ]; # Intel virtualization support boot.extraModulePackages = [ ]; boot.kernelParams = [ - "quiet" # Minimal boot messages - "splash" # Show Plymouth boot splash - "boot.shell_on_fail" # Emergency shell on boot failure - "udev.log_priority=3" # Reduce udev logging + "quiet" # Minimal boot messages + "splash" # Show Plymouth boot splash + "boot.shell_on_fail" # Emergency shell on boot failure + "udev.log_priority=3" # Reduce udev logging "rd.systemd.show_status=auto" # Show systemd status during boot - "intel_ipu3_imgu" # Intel camera image processing - "intel_ipu3_isys" # Intel camera sensor interface - "fbcon=map:1" # Framebuffer console mapping - "i915.enable_psr=0" # Disable Panel Self Refresh (breaks resume) - "i915.enable_dc=0" # Disable display power saving + "intel_ipu3_imgu" # Intel camera image processing + "intel_ipu3_isys" # Intel camera sensor interface + "fbcon=map:1" # Framebuffer console mapping + "i915.enable_psr=0" # Disable Panel Self Refresh (breaks resume) + "i915.enable_dc=0" # Disable display power saving ]; # Use older kernel for better Surface hardware support diff --git a/hosts/user-config.nix b/hosts/user-config.nix index 197428b..b2e2fe9 100644 --- a/hosts/user-config.nix +++ b/hosts/user-config.nix 
@@ -64,6 +64,11 @@ let default = null; description = "The shell for this user."; }; + editor = lib.mkOption { + type = lib.types.nullOr lib.types.package; + default = null; + description = "The default editor for this user."; + }; useZshTheme = lib.mkOption { type = lib.types.bool; default = true; @@ -74,42 +79,31 @@ let default = true; description = "Whether to apply the system Neovim configuration."; }; + enable = lib.mkOption { + type = lib.types.bool; + default = false; + description = "Whether this user account is enabled on this system."; + }; }; }; in { - options.ugaif.users = { - shell = lib.mkOption { - type = lib.types.package; - default = pkgs.bash; - description = "The default shell for users."; - }; - accounts = lib.mkOption { - type = lib.types.attrsOf userSubmodule; - default = { }; - description = "User accounts configuration."; - }; - enabledUsers = lib.mkOption { - type = lib.types.listOf lib.types.str; - default = [ ]; - description = "List of users to enable on this system."; - }; + options.ugaif.users = lib.mkOption { + type = lib.types.attrsOf userSubmodule; + default = { }; + description = "User accounts configuration. Set enable=true for users that should exist on this system."; }; config = { - # Default enabled users (always present) - ugaif.users.enabledUsers = [ - "root" - "engr-ugaif" - ] - ++ lib.optional (config.ugaif.forUser != null) config.ugaif.forUser; + # Enable forUser if specified + ugaif.users = lib.mkIf (config.ugaif.forUser != null) { + ${config.ugaif.forUser}.enable = true; + }; # Generate NixOS users users.users = let - enabledAccounts = lib.filterAttrs ( - name: _: lib.elem name config.ugaif.users.enabledUsers - ) config.ugaif.users.accounts; + enabledAccounts = lib.filterAttrs (_: user: user.enable) config.ugaif.users; in lib.mapAttrs ( name: user: 
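Review bot: In hosts/user-config.nix the `config` block no longer enables `root` and `engr-ugaif` itself, so that baseline now depends on the `enable = true` lines in users.nix rather than on the module. Because `users.users` is generated only from `lib.filterAttrs (_: user: user.enable) config.ugaif.users`, an account whose `enable` ends up false also loses whatever this module maps from it. The next hunk shows `openssh.authorizedKeys.keys = user.opensshKeys`, and root's `hashedPassword = "!"` from users.nix is presumably mapped the same way. If the two accounts are meant to be unconditional, keep that in the module by merging `{ root.enable = true; engr-ugaif.enable = true; }` with the `forUser` definition through `lib.mkMerge`. Otherwise, a comment above `ugaif.users = lib.mkIf …` should say that users.nix is now the only place that enables them.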
@@ -123,7 +117,7 @@ in description = if user.description != null then user.description else lib.mkDefault ""; openssh.authorizedKeys.keys = user.opensshKeys; packages = finalPackages; - shell = if user.shell != null then user.shell else config.ugaif.users.shell; + shell = if user.shell != null then user.shell else pkgs.bash; } ) enabledAccounts; @@ -138,9 +132,7 @@ in users = let - enabledAccounts = lib.filterAttrs ( - name: _: lib.elem name config.ugaif.users.enabledUsers - ) config.ugaif.users.accounts; + enabledAccounts = lib.filterAttrs (_: user: user.enable) config.ugaif.users; in lib.mapAttrs ( name: user: diff --git a/installer/modules.nix b/installer/modules.nix index bf8af99..c9bcb5a 100644 --- a/installer/modules.nix +++ b/installer/modules.nix @@ -19,10 +19,10 @@ # home-manager.users.myuser.imports = [ inputs.nixos-systems.homeManagerModules.theme ]; # # # Neovim module (requires user parameter): -# home-manager.users.myuser.imports = [ -# (inputs.nixos-systems.homeManagerModules.nvim { +# home-manager.users.myuser.imports = [ +# (inputs.nixos-systems.homeManagerModules.nvim { # user = config.ugaif.users.accounts.myuser; -# }) +# }) # ]; { inputs }: @@ -39,8 +39,8 @@ let }: { imports = [ - ../sw/ghostty.nix # Terminal emulator - ../sw/python.nix # Python environment + ../sw/ghostty.nix # Terminal emulator + ../sw/python.nix # Python environment (import ../sw/${swType} { inherit config 
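Review bot: The usage comment at the top of installer/modules.nix still shows `user = config.ugaif.users.accounts.myuser;`, a path this patch removes. With `ugaif.users` now an `attrsOf` of user submodules, that expression would look up a user literally named `accounts`, so the example should read `user = config.ugaif.users.myuser;`. Only whitespace changes in this hunk, but this is the example external consumers copy when importing the nvim module.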
@@ -60,32 +60,30 @@ let # Helper to create a Home Manager module for nvim (requires user context) # External users can import this with their user data - mkNvimModule = - user: - (import ../sw/nvim.nix { inherit user; }); + mkNvimModule = user: (import ../sw/nvim.nix { inherit user; }); in { # ========== Full Host Type Modules ========== # Complete system configurations including hardware, boot, and software - nix-desktop = import ../hosts/types/nix-desktop.nix { inherit inputs; }; # Desktop workstations - nix-laptop = import ../hosts/types/nix-laptop.nix { inherit inputs; }; # Laptop systems - nix-surface = import ../hosts/types/nix-surface.nix { inherit inputs; }; # Surface tablets - nix-lxc = import ../hosts/types/nix-lxc.nix { inherit inputs; }; # Proxmox containers - nix-wsl = import ../hosts/types/nix-wsl.nix { inherit inputs; }; # WSL2 systems + nix-desktop = import ../hosts/types/nix-desktop.nix { inherit inputs; }; # Desktop workstations + nix-laptop = import ../hosts/types/nix-laptop.nix { inherit inputs; }; # Laptop systems + nix-surface = import ../hosts/types/nix-surface.nix { inherit inputs; }; # Surface tablets + nix-lxc = import ../hosts/types/nix-lxc.nix { inherit inputs; }; # Proxmox containers + nix-wsl = import ../hosts/types/nix-wsl.nix { inherit inputs; }; # WSL2 systems nix-ephemeral = import ../hosts/types/nix-ephemeral.nix { inherit inputs; }; # Diskless/RAM-only # ========== Software-Only Modules (NixOS) ========== # For use with custom hardware configurations - sw-desktop = mkSwModule "desktop"; # Full desktop environment - sw-headless = mkSwModule "headless"; # CLI-only systems - sw-stateless-kiosk = mkSwModule "stateless-kiosk"; # Netboot kiosk - sw-tablet-kiosk = mkSwModule "tablet-kiosk"; # Touch-based kiosk + sw-desktop = mkSwModule "desktop"; # Full desktop environment + sw-headless = mkSwModule "headless"; # CLI-only systems + sw-stateless-kiosk = mkSwModule "stateless-kiosk"; # Netboot kiosk + sw-tablet-kiosk = mkSwModule 
"tablet-kiosk"; # Touch-based kiosk # ========== Home Manager Modules ========== # User-level configuration modules # Usage: home-manager.users.myuser.imports = [ (inputs.nixos-systems.homeManagerModules.nvim { user = ; }) ]; homeModules = { - theme = ../sw/theme.nix; # Zsh theme (no params needed) - nvim = mkNvimModule; # Neovim (requires user param) + theme = ../sw/theme.nix; # Zsh theme (no params needed) + nvim = mkNvimModule; # Neovim (requires user param) }; } diff --git a/sw/default.nix b/sw/default.nix index 790a794..7576bf6 100644 --- a/sw/default.nix +++ b/sw/default.nix @@ -71,10 +71,10 @@ in environment.systemPackages = with pkgs; subtractLists cfg.excludePackages [ - htop # System monitor - binutils # Binary utilities - zsh # Z shell - git # Version control + htop # System monitor + binutils # Binary utilities + zsh # Z shell + git # Version control oh-my-posh # Shell prompt theme inputs.agenix.packages.${stdenv.hostPlatform.system}.default # Secret management ]; diff --git a/users.nix b/users.nix index 1c60429..19bf945 100644 --- a/users.nix +++ b/users.nix @@ -9,10 +9,12 @@ # Define the users here using the new option # To generate a password hash, run: mkpasswd -m sha-512 - ugaif.users.accounts = { + # Set enabled = true on systems where the user should exist + ugaif.users = { root = { isNormalUser = false; hashedPassword = "!"; + enable = true; # Root is always enabled }; engr-ugaif = { description = "UGA Innovation Factory"; @@ -26,6 +28,7 @@ opensshKeys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBC7xzHxY2BfFUybMvG4wHSF9oEAGzRiLTFEndLvWV/X hdh20267@engr733847d.engr.uga.edu" ]; + enable = true; # Default user, enabled everywhere }; hdh20267 = { description = "Hunter Halloran"; @@ -37,6 +40,7 @@ shell = pkgs.zsh; # Example of using an external flake for configuration: # flakeUrl = "github:hdh20267/dotfiles"; + # enable = false by default, set to true per-system }; sv22900 = { description = "Alireza Vaezi"; 
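Review bot: The new comment in users.nix reads `# Set enabled = true on systems where the user should exist`, but the option added in hosts/user-config.nix is named `enable`. As far as the visible options show, someone following the comment would set an attribute the user submodule does not declare. Suggested wording: `# Set enable = true on systems where the user should exist (defaults to false)`.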
@@ -45,6 +49,7 @@ "wheel" ]; shell = pkgs.zsh; + # enable = false by default, set to true per-system }; }; }