tigor/NixOS
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

system: user groups are now only set if the corresponding module is enabled

Browse source
This commit is contained in:
Tigor Hutasuhut 2024-06-15 16:45:52 +07:00
parent 2a3c822b56
commit 2c91ce9e07
6 changed files with 12 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
system/docker/default.nix
View file

@ -1,9 +1,11 @@
{ config, lib, ... }: { config, lib, ... }:
let let
cfg = config.profile.docker; cfg = config.profile.docker;
username = config.profile.user.name;
in in
{ {
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
users.users.${username}.extraGroups = [ "docker" ];
virtualisation.docker.enable = true; virtualisation.docker.enable = true;
virtualisation.docker.autoPrune.enable = true; virtualisation.docker.autoPrune.enable = true;
virtualisation.oci-containers.backend = "docker"; virtualisation.oci-containers.backend = "docker";

2
system/modules/android.nix
View file

@ -1,9 +1,11 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
let let
cfg = config.profile.android; cfg = config.profile.android;
username = config.profile.user.name;
in in
{ {
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
users.users.${username}.extraGroups = [ "adbusers" ];
programs.adb.enable = true; programs.adb.enable = true;
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
androidenv.androidPkgs_9_0.platform-tools androidenv.androidPkgs_9_0.platform-tools

2
system/modules/printing.nix
View file

@ -1,9 +1,11 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
let let
cfg = config.profile.printing; cfg = config.profile.printing;
username = config.profile.user.name;
in in
{ {
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
users.users.${username}.extraGroups = [ "lp" ];
services.printing = { services.printing = {
enable = true; enable = true;
drivers = [ pkgs.brlaser ]; # Brother Laser Printer drivers = [ pkgs.brlaser ]; # Brother Laser Printer

2
system/modules/scanner.nix
View file

@ -1,9 +1,11 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
let let
cfg = config.profile.scanner; cfg = config.profile.scanner;
username = config.profile.user.name;
in in
{ {
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
users.users.${username}.extraGroups = [ "scanner" ];
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
skanlite skanlite
]; ];

4
system/podman/default.nix
View file

@ -1,9 +1,11 @@
{ config, lib, pkgs, ... }: { config, lib, pkgs, ... }:
let let
cfg = config.profile.podman; cfg = config.profile.podman;
username = config.profile.user.name;
in in
{ {
config = lib.mkIf cfg.enable { config = lib.mkIf cfg.enable {
users.users.${username}.extraGroups = [ "podman" ];
# services.caddy.enable = true; # services.caddy.enable = true;
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [
dive # look into docker image layers dive # look into docker image layers
@ -21,7 +23,7 @@ in
defaultNetwork.settings.dns_enabled = true; defaultNetwork.settings.dns_enabled = true;
}; };
# https://madison-technologies.com/take-your-nixos-container-config-and-shove-it/ # https://madison-technologies.com/take-your-nixos-container-config-and-shove-it/
networking.firewall.interfaces.podman1 = { networking.firewall.interfaces."podman[0-9]+" = {
allowedUDPPorts = [ 53 ]; # this needs to be there so that containers can look eachother's names up over DNS allowedUDPPorts = [ 53 ]; # this needs to be there so that containers can look eachother's names up over DNS
}; };
}; };

2
system/user.nix
View file

@ -7,7 +7,7 @@ in
users.users.${user} = { users.users.${user} = {
isNormalUser = true; isNormalUser = true;
description = fullName; description = fullName;
extraGroups = [ "networkmanager" "wheel" "docker" "adbusers" "scanner" "lp" "podman" ]; extraGroups = [ "networkmanager" "wheel" ];
shell = pkgs.zsh; shell = pkgs.zsh;
}; };