From e0618827276fd394514e7acd9152d35a49ec1c66 Mon Sep 17 00:00:00 2001 From: Stefan Ellmauthaler Date: Wed, 24 May 2023 10:39:45 +0200 Subject: [PATCH] Add option for additional groups to user meta definition --- machines/nucturne/default.nix | 30 ++++++++++++++++++++---------- machines/stel-xps/default.nix | 31 ++++++++++++++++++++----------- modules/users.nix | 8 +++++++- 3 files changed, 47 insertions(+), 22 deletions(-) diff --git a/machines/nucturne/default.nix b/machines/nucturne/default.nix index 98c9180..d6f759b 100644 --- a/machines/nucturne/default.nix +++ b/machines/nucturne/default.nix @@ -1,6 +1,11 @@ -{ config, pkgs, inputs, nixos-hardware, ... }: { - imports = - [ ../../common/users.nix ./hardware-configuration.nix ./software.nix ]; +{ + config, + pkgs, + inputs, + nixos-hardware, + ... +}: { + imports = [../../common/users.nix ./hardware-configuration.nix ./software.nix]; elss = { # base system @@ -29,10 +34,10 @@ openvpn.enable = true; # nm-networks - networking.nmConnections = [ ]; + networking.nmConnections = []; # enable sops - sops = { enable = true; }; + sops = {enable = true;}; # enable wireguard wireguard.enable = true; @@ -40,17 +45,22 @@ # user setup users = { enable = true; - admins = [ "ellmau" ]; - users = [ ]; + admins = ["ellmau"]; + users = []; - meta = { ellmau.git = { signDefault = true; }; }; + meta = { + ellmau = { + git = {signDefault = true;}; + extraGroups = ["networkmanager"]; + }; + }; }; }; boot = { - extraModulePackages = [ config.boot.kernelPackages.v4l2loopback ]; + extraModulePackages = [config.boot.kernelPackages.v4l2loopback]; - kernelModules = [ "v4l2loopback" ]; + kernelModules = ["v4l2loopback"]; plymouth.enable = true; }; diff --git a/machines/stel-xps/default.nix b/machines/stel-xps/default.nix index 68e354e..af510c4 100644 --- a/machines/stel-xps/default.nix +++ b/machines/stel-xps/default.nix @@ -1,4 +1,10 @@ -{ config, pkgs, inputs, nixos-hardware, ... }: { +{ + config, + pkgs, + inputs, + nixos-hardware, + ... +}: { imports = [ ../../common/users.nix ./printer.nix @@ -34,10 +40,10 @@ openvpn.enable = true; # nm-networks - networking.nmConnections = [ "tartaros" "eduroam" ]; + networking.nmConnections = ["tartaros" "eduroam"]; # enable sops - sops = { enable = true; }; + sops = {enable = true;}; # enable wireguard wireguard.enable = true; @@ -45,23 +51,26 @@ # user setup users = { enable = true; - admins = [ "ellmau" ]; - users = [ ]; + admins = ["ellmau"]; + users = []; meta = { - ellmau.git = { - key = "0x4998BEEE"; - gpgsm = true; - signDefault = true; + ellmau = { + git = { + key = "0x4998BEEE"; + gpgsm = true; + signDefault = true; + }; + extraGroups = ["networkmanager"]; }; }; }; }; boot = { - extraModulePackages = [ config.boot.kernelPackages.v4l2loopback ]; + extraModulePackages = [config.boot.kernelPackages.v4l2loopback]; - kernelModules = [ "v4l2loopback" ]; + kernelModules = ["v4l2loopback"]; plymouth.enable = true; }; diff --git a/modules/users.nix b/modules/users.nix index 4039775..580beaf 100644 --- a/modules/users.nix +++ b/modules/users.nix @@ -45,6 +45,12 @@ with lib; { type = types.str; description = "Email address of the user"; }; + extraGroups = mkOption { + type = types.listOf types.str; + description = "additional groups to add"; + default = []; + }; + git = mkOption { type = types.submodule { options = { @@ -92,7 +98,7 @@ with lib; { inherit (meta) description; isNormalUser = true; home = "/home/${login}"; - extraGroups = []; + extraGroups = meta.extraGroups; openssh.authorizedKeys.keys = meta.publicKeys; };