Rebase to flake parts #6

2026-05-08 19:05:10 -03:00
parent d51f41566c
commit 1015cf4577
18 changed files with 934 additions and 35 deletions
+42
@@ -0,0 +1,42 @@
{ ... }: {
flake.nixosModules.usersCatalogOptions =
{ lib, ... }:
{
options.chiasson.users = {
catalog = lib.mkOption {
type = lib.types.attrs;
default = { };
description = ''
User records merged from `usersCatalogDefaults`; override with `hostOverrides` or `mkForce`.
'';
};
enabled = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [ ];
description = "Catalog names to materialize as `users.users` on this machine.";
};
hostOverrides = lib.mkOption {
type = lib.types.attrs;
default = { };
description = ''
`recursiveUpdate`d onto catalog users.
'';
};
extraModules = lib.mkOption {
type = lib.types.attrsOf (lib.types.listOf lib.types.unspecified);
default = { };
description = ''
Per-user Home Manager `extraModules` keyed by catalog user name.
Keys must match `chiasson.users.enabled`.
'';
};
homeManager = {
autoWire = lib.mkOption {
type = lib.types.bool;
default = true;
description = "Create HM users from the catalog when true.";
};
};
};
};
}
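Review bot: `catalog` (and `hostOverrides` further down) is declared as `lib.types.attrs`, which the nixpkgs manual marks as a legacy type: it does not recurse into nested sets, silently drops earlier definitions of the same attribute, and does not discharge `mkIf`/`mkForce` placed inside the value. These records are turned into `users.users` entries and SSH authorisations by the integration module in this commit, so a second module defining the same user can replace the whole record without any evaluation error, and the `mkForce` override the description advertises only works on the option as a whole. Consider `type = lib.types.attrsOf (lib.types.attrsOf lib.types.anything);`, or a submodule listing the fields the merge helpers read, so conflicting definitions fail loudly instead of being lost.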
+27
@@ -0,0 +1,27 @@
# Catalog → NixOS `users.users` + Home Manager + SSH inbound.
{ self, ... }: {
flake.nixosModules.users =
{ config, lib, ... }:
let
usersLib = self.lib.usersMerge lib;
selectUsers =
c:
let
uc = c.chiasson.users;
in
usersLib.selectedUsersAttr {
catalog = uc.catalog;
enabled = uc.enabled;
hostOverrides = uc.hostOverrides;
};
in
{
imports = [
self.nixosModules.sshInbound
self.nixosModules.usersCatalogOptions
self.nixosModules.usersCatalogDefaults
{ _module.args = { inherit self usersLib selectUsers; }; }
self.nixosModules.usersHomeIntegration
];
};
}
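Review bot: The `_module.args` entry in `imports` publishes `self`, `usersLib` and `selectUsers` to every module of the host evaluation, not only to `usersHomeIntegration`, and that module cannot be imported on its own without it. The integration file looks like a flake-parts module itself, so it could open with `{ self, ... }: {` and build `usersLib = self.lib.usersMerge lib;` locally, which removes the hidden coupling. `config` in `{ config, lib, ... }:` is unused in this file and can be dropped. A one-line comment on `selectUsers` saying that it takes a NixOS `config` and returns the enabled catalog records with host overrides applied (presumably; `selectedUsersAttr` is defined outside this page) would help the next reader.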
+51
@@ -0,0 +1,51 @@
{ ... }: {
flake.nixosModules.usersHomeIntegration =
{ config, options, lib, self, usersLib, selectUsers, ... }:
let
cfg = config.chiasson.users;
selected = selectUsers config;
missing = usersLib.missingEnabledNames cfg.catalog cfg.enabled;
stray = usersLib.strayHomeUserKeys cfg.extraModules cfg.enabled;
names = usersLib.hmWiredNames selected;
hmAvailable = lib.hasAttrByPath [ "home-manager" "users" ] options;
hmUsersAttr = lib.listToAttrs (
map (name: {
inherit name;
value = usersLib.mkHmUserModule {
inherit name;
user = selected.${name};
hostExtraModules = cfg.extraModules.${name} or [ ];
};
}) names
);
inboundUsersAttr = usersLib.inboundHostsAttr selected;
in
{
config = lib.mkMerge [
{
assertions = [
{
assertion = missing == [ ];
message = "chiasson.users.enabled references unknown catalog users: ${builtins.concatStringsSep ", " missing}";
}
{
assertion = stray == [ ];
message = "chiasson.users.extraModules has keys not in chiasson.users.enabled: ${builtins.concatStringsSep ", " stray}";
}
];
}
{
users.users = lib.mapAttrs (name: user: usersLib.mkNixosUser name user) selected;
}
(lib.optionalAttrs hmAvailable {
"home-manager".useGlobalPkgs = lib.mkIf (cfg.homeManager.autoWire && names != [ ]) true;
"home-manager".sharedModules = lib.mkIf (cfg.homeManager.autoWire && names != [ ]) [ self.homeManagerModules.sshOutboundRbw ];
"home-manager".users = lib.mkIf (cfg.homeManager.autoWire && names != [ ]) hmUsersAttr;
})
(lib.mkIf (inboundUsersAttr != { }) {
chiasson.ssh.inbound.enable = true;
chiasson.ssh.inbound.userAuthorizedHosts = inboundUsersAttr;
})
];
};
}
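Review bot: The last `mkMerge` entry turns on `chiasson.ssh.inbound.enable` whenever `inboundUsersAttr` is non-empty, so adding a name to `chiasson.users.enabled` can open inbound SSH on a host as a side effect; because the value is set at normal priority, a host that sets `enable = false` would get a conflicting-definition error rather than an opt-out (assuming the option is a plain bool, which is declared outside this page). I would write `chiasson.ssh.inbound.enable = lib.mkDefault true;` so the host keeps the final say, or replace the implicit enable with an assertion that names the users requiring inbound access. Separately, `"home-manager".sharedModules` applies `sshOutboundRbw` to every Home Manager user on the machine, not only the catalog users in `names`; a comment stating that this is intended would help.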