From de03120bfd558f6efae6addeb267da60476c962b Mon Sep 17 00:00:00 2001 From: Julien Malka Date: Sat, 1 Jan 2022 20:46:20 +0100 Subject: [PATCH] Small refactor --- base.nix | 7 +------ machines/lisa/default.nix | 2 ++ machines/macintosh/default.nix | 2 ++ machines/newton/default.nix | 2 ++ rpi.nix | 5 ++++- users/julien.nix | 14 +++++++++++++- users/status.nix | 17 +++++++++++++++++ 7 files changed, 41 insertions(+), 8 deletions(-) create mode 100644 users/status.nix diff --git a/base.nix b/base.nix index c3970c2..91787b6 100644 --- a/base.nix +++ b/base.nix @@ -2,13 +2,8 @@ { - imports = [ - ./users/default.nix - ./users/julien.nix - ]; - luj.nix.enable = true; - luj.secrets.enable = true; + #luj.secrets.enable = true; luj.ssh-server.enable = true; luj.programs.mosh.enable = true; diff --git a/machines/lisa/default.nix b/machines/lisa/default.nix index 26bb2d4..93392fe 100644 --- a/machines/lisa/default.nix +++ b/machines/lisa/default.nix @@ -9,6 +9,8 @@ (modulesPath + "/profiles/qemu-guest.nix") ./hardware.nix ./home-julien.nix + ../../users/julien.nix + ../../users/default.nix ]; diff --git a/machines/macintosh/default.nix b/machines/macintosh/default.nix index cebde4e..2482d65 100644 --- a/machines/macintosh/default.nix +++ b/machines/macintosh/default.nix @@ -7,6 +7,8 @@ (modulesPath + "/installer/scan/not-detected.nix") ./hardware.nix ./home-julien.nix + ../../users/julien.nix + ../../users/default.nix ]; diff --git a/machines/newton/default.nix b/machines/newton/default.nix index e013682..aeb7b6b 100644 --- a/machines/newton/default.nix +++ b/machines/newton/default.nix @@ -9,6 +9,8 @@ in (modulesPath + "/installer/scan/not-detected.nix") ./hardware.nix ./home-julien.nix + ../../users/julien.nix + ../../users/default.nix ]; luj = { diff --git a/rpi.nix b/rpi.nix index eef55be..156b5f4 100644 --- a/rpi.nix +++ b/rpi.nix @@ -1,5 +1,8 @@ { config, pkgs, lib, ... }: { + + + imports = [ ./users/status.nix ]; # NixOS wants to enable GRUB by default boot.loader.grub.enable = false; @@ -41,5 +44,5 @@ # when installing lots of things while running other things at the same time. swapDevices = [ { device = "/swapfile"; size = 1024; } ]; - luj.hmgr.julien = {}; + luj.hmgr.status = {}; } diff --git a/users/julien.nix b/users/julien.nix index 6f3d3ba..76df441 100644 --- a/users/julien.nix +++ b/users/julien.nix @@ -5,7 +5,7 @@ users.users.julien = { isNormalUser = true; home = "/home/julien"; - extraGroups = [ "wheel" config.users.groups.keys.name]; + extraGroups = [ "wheel" config.users.groups.keys.name ]; shell = pkgs.fish; passwordFile = config.sops.secrets.user-julien-password.path; openssh.authorizedKeys.keyFiles = [ @@ -17,5 +17,17 @@ }; nix.allowedUsers = [ "julien" ]; + sops.secrets.ens-mail-passwd = { + owner = "julien"; + path = "/home/julien/.config/ens-mail-passwd"; + }; + + sops.secrets.sendinblue-mail-passwd = { }; + sops.secrets.git-gpg-private-key = { + owner = "julien"; + mode = "0440"; + group = config.users.groups.keys.name; + }; + } diff --git a/users/status.nix b/users/status.nix new file mode 100644 index 0000000..81aa3f1 --- /dev/null +++ b/users/status.nix @@ -0,0 +1,17 @@ +{ config, pkgs, lib, ... }: { + + users.users.julien = { + isNormalUser = true; + home = "/home/status"; + extraGroups = [ "wheel" ]; + shell = pkgs.fish; + openssh.authorizedKeys.keyFiles = [ + (pkgs.fetchurl { + url = "https://github.com/JulienMalka.keys"; + sha256 = "sha256-nBgn7jOqi/nPHhTy3x/oirL+A4X2gbmwy1NXLZhV99M="; + }) + ]; + }; + + nix.allowedUsers = [ "status" ]; +}