Refactor configs into modules

author: Kjetil Orbekk <kj@orbekk.com> 2021-03-07 15:11:56 -0500
committer: Kjetil Orbekk <kj@orbekk.com> 2021-03-07 15:11:56 -0500
commit: 78529ae2641e8645ee3459753819d0ecff655d86 (patch)
tree: 03f2f8e25ad0decd0f6dcd0a65664a8f7a90796a /modules/users.nix
parent: 46e1d2a1552d4aaad676faf49cb0582515d62c86 (diff)
1 files changed, 100 insertions, 0 deletions
diff --git a/modules/users.nix b/modules/users.nix
new file mode 100644
index 0000000..b595754
--- /dev/null
+++ b/modules/users.nix
@@ -0,0 +1,100 @@
+{ config, lib, pkgs, ... }:
+let aliases = import ../data/aliases.nix;
+in {
+  users = {
+    defaultUserShell = pkgs.zsh;
+    extraUsers = {
+      orbekk = {
+        isNormalUser = true;
+        home = "/home/orbekk";
+        uid = 1000;
+        description = "KJ";
+        extraGroups = ["wheel" "networkmanager" "dialout" "uucp" "audio" "plugdev" "lxd" "readonly" "input" "vboxusers" "video" "sound" "tty" ];
+        openssh.authorizedKeys.keyFiles = [
+          ../data/pincer_rsa.pub
+          ../data/yubikey_rsa.pub
+        ];
+      };
+      guest = {
+	    isNormalUser = true;
+	    home = "/home/guest";
+	    uid = 1500;
+	    description = "Guest";
+	    extraGroups = ["networkmanager" "audio" "input"];
+      };
+      fcgi = {
+        group = "fcgi";
+	      extraGroups = ["readonly"];
+	      uid = 500;
+      };
+      systemhttpd = {
+        name = "systemhttpd";
+        group = "systemhttpd";
+        createHome = true;
+        uid = 502;
+        home = "/var/lib/systemhttpd";
+      };
+      linoquotes = {
+        name = "linoquotes";
+        group = "linoquotes";
+        createHome = true;
+        uid = 503;
+        home = "/var/lib/linoquotes";
+      };
+      minecraft = {
+        name = "minecraft";
+        uid = config.ids.uids.minecraft;
+        extraGroups = ["readonly"];
+      };
+      stats = {
+        name = "stats";
+        group = "stats";
+        createHome = true;
+        uid = 504;
+        home = aliases.services.stats.home;
+      };
+      terraria = {
+        name = "terraria";
+	      group = "terraria";
+	      createHome = true;
+	      uid = 505;
+	      home = "/var/lib/terraria";
+      };
+      readonly = {
+        group = "readonly";
+	      createHome = false;
+	      uid = 506;
+	      useDefaultShell = true;
+	      home = "/storage";
+      };
+      pjournal = {
+        group = "pjournal";
+        createHome = false;
+        uid = 507;
+      };
+      pjournal_test = {
+        group = "pjournal_test";
+        createHome = false;
+        uid = 508;
+      };
+      mpd = lib.optionalAttrs config.services.mpd.enable {
+        extraGroups = ["readonly"];
+      };
+      nginx = lib.optionalAttrs config.services.nginx.enable {
+        extraGroups = ["readonly"]; 
+      };
+    };
+    extraGroups = {
+      fcgi = { name = "fcgi"; gid = 500; };
+      plugdev = { name = "plugdev"; gid = 501; };
+      systemhttpd = { name = "systemhttpd"; gid = 502; };
+      linoquotes = { name = "linoquotes"; gid = 503; };
+      stats = { name = "stats"; gid = 504; };
+      terraria = { name = "terraria"; gid = 505; };
+      readonly = { gid = 506; };
+      pjournal = { gid = 507; };
+      pjournal_test = { gid = 508; };
+    };
+  };
+}
+
author	Kjetil Orbekk <kj@orbekk.com>	2021-03-07 15:11:56 -0500
committer	Kjetil Orbekk <kj@orbekk.com>	2021-03-07 15:11:56 -0500
commit	78529ae2641e8645ee3459753819d0ecff655d86 (patch)
tree	03f2f8e25ad0decd0f6dcd0a65664a8f7a90796a /modules/users.nix
parent	46e1d2a1552d4aaad676faf49cb0582515d62c86 (diff)