change how enabled users are handled
This commit is contained in:
UGA Innovation Factory
@@ -43,7 +43,7 @@ let
|
||||
# Load users.nix to find external user flakes
|
||||
pkgs = nixpkgs.legacyPackages.${system};
|
||||
usersData = import ../users.nix { inherit pkgs; };
|
||||
accounts = usersData.ugaif.users.accounts or { };
|
||||
accounts = usersData.ugaif.users or { };
|
||||
|
||||
# Extract flakeUrls and convert to modules
|
||||
userFlakeModules = lib.mapAttrsToList (
|
||||
@@ -87,7 +87,8 @@ let
|
||||
];
|
||||
specialConfig = lib.mkMerge [
|
||||
(lib.optionalAttrs (configOverrides ? extraUsers) {
|
||||
ugaif.users.enabledUsers = configOverrides.extraUsers;
|
||||
# Enable each user in the extraUsers list
|
||||
ugaif.users = lib.genAttrs configOverrides.extraUsers (_: { enable = true; });
|
||||
})
|
||||
(lib.optionalAttrs (configOverrides ? buildMethods) {
|
||||
ugaif.host.buildMethods = configOverrides.buildMethods;
|
||||
|
||||
@@ -64,6 +64,11 @@ let
|
||||
default = null;
|
||||
description = "The shell for this user.";
|
||||
};
|
||||
editor = lib.mkOption {
|
||||
type = lib.types.nullOr lib.types.package;
|
||||
default = null;
|
||||
description = "The default editor for this user.";
|
||||
};
|
||||
useZshTheme = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = true;
|
||||
@@ -74,42 +79,31 @@ let
|
||||
default = true;
|
||||
description = "Whether to apply the system Neovim configuration.";
|
||||
};
|
||||
enable = lib.mkOption {
|
||||
type = lib.types.bool;
|
||||
default = false;
|
||||
description = "Whether this user account is enabled on this system.";
|
||||
};
|
||||
};
|
||||
};
|
||||
in
|
||||
{
|
||||
options.ugaif.users = {
|
||||
shell = lib.mkOption {
|
||||
type = lib.types.package;
|
||||
default = pkgs.bash;
|
||||
description = "The default shell for users.";
|
||||
};
|
||||
accounts = lib.mkOption {
|
||||
type = lib.types.attrsOf userSubmodule;
|
||||
default = { };
|
||||
description = "User accounts configuration.";
|
||||
};
|
||||
enabledUsers = lib.mkOption {
|
||||
type = lib.types.listOf lib.types.str;
|
||||
default = [ ];
|
||||
description = "List of users to enable on this system.";
|
||||
};
|
||||
options.ugaif.users = lib.mkOption {
|
||||
type = lib.types.attrsOf userSubmodule;
|
||||
default = { };
|
||||
description = "User accounts configuration. Set enable=true for users that should exist on this system.";
|
||||
};
|
||||
|
||||
config = {
|
||||
# Default enabled users (always present)
|
||||
ugaif.users.enabledUsers = [
|
||||
"root"
|
||||
"engr-ugaif"
|
||||
]
|
||||
++ lib.optional (config.ugaif.forUser != null) config.ugaif.forUser;
|
||||
# Enable forUser if specified
|
||||
ugaif.users = lib.mkIf (config.ugaif.forUser != null) {
|
||||
${config.ugaif.forUser}.enable = true;
|
||||
};
|
||||
|
||||
# Generate NixOS users
|
||||
users.users =
|
||||
let
|
||||
enabledAccounts = lib.filterAttrs (
|
||||
name: _: lib.elem name config.ugaif.users.enabledUsers
|
||||
) config.ugaif.users.accounts;
|
||||
enabledAccounts = lib.filterAttrs (_: user: user.enable) config.ugaif.users;
|
||||
in
|
||||
lib.mapAttrs (
|
||||
name: user:
|
||||
@@ -123,7 +117,7 @@ in
|
||||
description = if user.description != null then user.description else lib.mkDefault "";
|
||||
openssh.authorizedKeys.keys = user.opensshKeys;
|
||||
packages = finalPackages;
|
||||
shell = if user.shell != null then user.shell else config.ugaif.users.shell;
|
||||
shell = if user.shell != null then user.shell else pkgs.bash;
|
||||
}
|
||||
) enabledAccounts;
|
||||
|
||||
@@ -138,9 +132,7 @@ in
|
||||
|
||||
users =
|
||||
let
|
||||
enabledAccounts = lib.filterAttrs (
|
||||
name: _: lib.elem name config.ugaif.users.enabledUsers
|
||||
) config.ugaif.users.accounts;
|
||||
enabledAccounts = lib.filterAttrs (_: user: user.enable) config.ugaif.users;
|
||||
in
|
||||
lib.mapAttrs (
|
||||
name: user:
|
||||
|
||||
@@ -9,10 +9,12 @@
|
||||
|
||||
# Define the users here using the new option
|
||||
# To generate a password hash, run: mkpasswd -m sha-512
|
||||
ugaif.users.accounts = {
|
||||
# Set enabled = true on systems where the user should exist
|
||||
ugaif.users = {
|
||||
root = {
|
||||
isNormalUser = false;
|
||||
hashedPassword = "!";
|
||||
enable = true; # Root is always enabled
|
||||
};
|
||||
engr-ugaif = {
|
||||
description = "UGA Innovation Factory";
|
||||
@@ -26,6 +28,7 @@
|
||||
opensshKeys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBC7xzHxY2BfFUybMvG4wHSF9oEAGzRiLTFEndLvWV/X hdh20267@engr733847d.engr.uga.edu"
|
||||
];
|
||||
enable = true; # Default user, enabled everywhere
|
||||
};
|
||||
hdh20267 = {
|
||||
description = "Hunter Halloran";
|
||||
@@ -37,6 +40,7 @@
|
||||
shell = pkgs.zsh;
|
||||
# Example of using an external flake for configuration:
|
||||
# flakeUrl = "github:hdh20267/dotfiles";
|
||||
# enable = false by default, set to true per-system
|
||||
};
|
||||
sv22900 = {
|
||||
description = "Alireza Vaezi";
|
||||
@@ -45,6 +49,7 @@
|
||||
"wheel"
|
||||
];
|
||||
shell = pkgs.zsh;
|
||||
# enable = false by default, set to true per-system
|
||||
};
|
||||
};
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user