nix_config/sys/modules/users.nix

{
  config,
  lib,
  pkgs,
  ...
}:
with lib; let
  cfg = config.local.sys.users;
  userType = types.submodule {
    options = {
      enable = mkEnableOption "user settings";
      unixId = mkOption {
        # gid and uid are always the same
        type = types.int;
      };
      admin = mkOption {
        type = types.bool;
        default = false;
      };
      sshKeyPublicFile = mkOption {
        type = types.listOf types.path;
        default = [];
      };
    };
  };
in {
  options.local.sys.users = mkOption {
    type = types.attrsOf userType;
    default = {};
  };

  config = {
    local.sys.users = {
      fabian = {
        unixId = mkDefault 1000;
        admin = true;
      };
      vanessa = {
        unixId = mkDefault 1001;
        admin = false;
      };
      soto = {
        unixId = mkDefault 1010;
        admin = false;
      };
      diaz = {
        unixId = mkDefault 1011;
        admin = false;
      };
    };

    users = let
      enabledUsers = filterAttrs (k: v: v.enable) cfg;
    in {
      groups =
        mapAttrs (k: v: {
          gid = v.unixId;
        })
        enabledUsers;

      users =
        mapAttrs (k: v: {
          isNormalUser = true;
          uid = v.unixId;
          group = k;
          shell = pkgs.zsh;
          extraGroups =
            ["users" "networkmanager"]
            ++ optionals (v.admin) ["wheel" "libvirtd" "dialout"];
          openssh.authorizedKeys.keyFiles = v.sshKeyPublicFile;
        })
        enabledUsers;
    };
  };
}
modularize users and other stuff 2024-12-03 02:25:34 +01:00			`{`
			`config,`
			`lib,`
			`pkgs,`
			`...`
			`}:`
			`with lib; let`
			`cfg = config.local.sys.users;`
			`userType = types.submodule {`
			`options = {`
			`enable = mkEnableOption "user settings";`
			`unixId = mkOption {`
			`# gid and uid are always the same`
			`type = types.int;`
			`};`
			`admin = mkOption {`
			`type = types.bool;`
			`default = false;`
			`};`
			`sshKeyPublicFile = mkOption {`
			`type = types.listOf types.path;`
			`default = [];`
			`};`
			`};`
			`};`
			`in {`
			`options.local.sys.users = mkOption {`
			`type = types.attrsOf userType;`
			`default = {};`
			`};`

			`config = {`
			`local.sys.users = {`
			`fabian = {`
			`unixId = mkDefault 1000;`
			`admin = true;`
			`};`
			`vanessa = {`
			`unixId = mkDefault 1001;`
			`admin = false;`
			`};`
			`soto = {`
			`unixId = mkDefault 1010;`
			`admin = false;`
			`};`
			`diaz = {`
			`unixId = mkDefault 1011;`
			`admin = false;`
			`};`
			`};`

			`users = let`
			`enabledUsers = filterAttrs (k: v: v.enable) cfg;`
			`in {`
			`groups =`
			`mapAttrs (k: v: {`
			`gid = v.unixId;`
			`})`
			`enabledUsers;`

			`users =`
			`mapAttrs (k: v: {`
			`isNormalUser = true;`
			`uid = v.unixId;`
			`group = k;`
			`shell = pkgs.zsh;`
			`extraGroups =`
			`["users" "networkmanager"]`
			`++ optionals (v.admin) ["wheel" "libvirtd" "dialout"];`
			`openssh.authorizedKeys.keyFiles = v.sshKeyPublicFile;`
			`})`
			`enabledUsers;`
			`};`
			`};`
			`}`