Small refactor

2025-03-25 21:30:52 +01:00 · 2022-01-01 20:46:20 +01:00 · 2022-01-01 20:46:20 +01:00 · de03120bfd
commit de03120bfd
parent d05b910886
7 changed files with 41 additions and 8 deletions
--- a/base.nix
+++ b/base.nix
@ -2,13 +2,8 @@

 {

-  imports = [
-    ./users/default.nix
-    ./users/julien.nix
-  ];
-
  luj.nix.enable = true;
-  luj.secrets.enable = true;
+  #luj.secrets.enable = true;
  luj.ssh-server.enable = true;
  luj.programs.mosh.enable = true;

--- a/machines/lisa/default.nix
+++ b/machines/lisa/default.nix
@ -9,6 +9,8 @@
      (modulesPath + "/profiles/qemu-guest.nix")
      ./hardware.nix
      ./home-julien.nix
+      ../../users/julien.nix
+      ../../users/default.nix
    ];


--- a/machines/macintosh/default.nix
+++ b/machines/macintosh/default.nix
@ -7,6 +7,8 @@
      (modulesPath + "/installer/scan/not-detected.nix")
      ./hardware.nix
      ./home-julien.nix
+      ../../users/julien.nix
+      ../../users/default.nix
    ];


--- a/machines/newton/default.nix
+++ b/machines/newton/default.nix
@ -9,6 +9,8 @@ in
      (modulesPath + "/installer/scan/not-detected.nix")
      ./hardware.nix
      ./home-julien.nix
+      ../../users/julien.nix
+      ../../users/default.nix
    ];

  luj = {
--- a/rpi.nix
+++ b/rpi.nix
@ -1,5 +1,8 @@
 { config, pkgs, lib, ... }:
 {
+
+
+  imports = [ ./users/status.nix ];
  # NixOS wants to enable GRUB by default
  boot.loader.grub.enable = false;

@ -41,5 +44,5 @@
  # when installing lots of things while running other things at the same time.
  swapDevices = [ { device = "/swapfile"; size = 1024; } ];

-  luj.hmgr.julien = {};
+  luj.hmgr.status = {};
 }
--- a/users/julien.nix
+++ b/users/julien.nix
@ -5,7 +5,7 @@
  users.users.julien = {
    isNormalUser = true;
    home = "/home/julien";
-    extraGroups = [ "wheel" config.users.groups.keys.name]; 
+    extraGroups = [ "wheel" config.users.groups.keys.name ];
    shell = pkgs.fish;
    passwordFile = config.sops.secrets.user-julien-password.path;
    openssh.authorizedKeys.keyFiles = [
@ -17,5 +17,17 @@
  };

  nix.allowedUsers = [ "julien" ];
+  sops.secrets.ens-mail-passwd = {
+    owner = "julien";
+    path = "/home/julien/.config/ens-mail-passwd";
+  };
+
+  sops.secrets.sendinblue-mail-passwd = { };
+  sops.secrets.git-gpg-private-key = {
+    owner = "julien";
+    mode = "0440";
+    group = config.users.groups.keys.name;
+  };
+

 }
--- a/users/status.nix
+++ b/users/status.nix
@ -0,0 +1,17 @@
+{ config, pkgs, lib, ... }: {
+
+  users.users.julien = {
+    isNormalUser = true;
+    home = "/home/status";
+    extraGroups = [ "wheel" ];
+    shell = pkgs.fish;
+    openssh.authorizedKeys.keyFiles = [
+      (pkgs.fetchurl {
+        url = "https://github.com/JulienMalka.keys";
+        sha256 = "sha256-nBgn7jOqi/nPHhTy3x/oirL+A4X2gbmwy1NXLZhV99M=";
+      })
+    ];
+  };
+
+  nix.allowedUsers = [ "status" ];
+}