Commit 08784f7

HPCesia <me@hpcesia.com>
2025-09-30 16:18:34
refactor: migrate users config
1 parent ba964f3
Changed files (9)
home
base
linux
modules
core
hosts
chaser-kevin
chaser-pardofelis
users
os-modules
home/base/home.nix
@@ -1,7 +1,2 @@
-{myvars, ...}: {
-  # Home Manager needs a bit of information about you and the
-  # paths it should manage.
-  home = {
-    inherit (myvars) username;
-  };
+{
 }
home/linux/base/shell.nix
@@ -1,14 +1,8 @@
-{
-  config,
-  myvars,
-  ...
-}: let
+{config, ...}: let
   d = config.xdg.dataHome;
   c = config.xdg.configHome;
   cache = config.xdg.cacheHome;
 in {
-  home.homeDirectory = "/home/${myvars.username}";
-
   # environment variables that always set at login
   home.sessionVariables = {
     # clean up ~
modules/core/user.nix
@@ -0,0 +1,6 @@
+{
+  flake.modules.nixos.core = _: {
+    services.userborn.enable = true;
+    users.mutableUsers = false;
+  };
+}
modules/hosts/chaser-kevin/default.nix
@@ -12,6 +12,8 @@
     imports =
       (with config.flake.modules.nixos; [
         core
+        user-root
+        user-hpcesia
       ])
       ++ [
         {
@@ -19,6 +21,7 @@
             imports =
               (with config.flake.modules.homeManager; [
                 core
+                user-hpcesia
               ])
               # TODO: remove below after migrated all config to Dendritic Pattern
               ++ (map (lib.path.append config.flake.meta.rootPath) [
modules/hosts/chaser-pardofelis/default.nix
@@ -6,6 +6,7 @@
   flake.modules.nixos."hosts/pardofelis" = {
     imports = with config.flake.modules.nixos; [
       core
+      user-root
     ];
   };
 }
modules/users/hpcesia.nix
@@ -0,0 +1,23 @@
+{
+  flake.modules.nixos.user-hpcesia = _: {
+    users.users.hpcesia = {
+      description = "HPCesia";
+      home = "/home/hpcesia";
+      isNormalUser = true;
+      extraGroups = [
+        "hpcesia"
+        "users"
+        "networkmanager"
+        "wheel"
+      ];
+      openssh.authorizedKeys.keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIyxd+nyK9cnULmzXIMhE1/rIB3VMsJ6SuWV4Ha8oE0F hpcesia@kevin"];
+    };
+
+    users.groups.hpcesia = {};
+  };
+
+  flake.modules.homeManager.user-hpcesia = _: {
+    home.username = "hpcesia";
+    home.homeDirectory = "/home/hpcesia";
+  };
+}
modules/users/root.nix
@@ -0,0 +1,7 @@
+{
+  flake.modules.nixos.user-root = _: {
+    users.users.root = {
+      openssh.authorizedKeys.keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIyxd+nyK9cnULmzXIMhE1/rIB3VMsJ6SuWV4Ha8oE0F hpcesia@kevin"];
+    };
+  };
+}
os-modules/base/users.nix
@@ -1,6 +1,5 @@
 {
   lib,
-  myvars,
   config,
   ...
 }: let
@@ -22,11 +21,6 @@
   isSecret = v: lib.isAttrs v && v ? "secretName";
   isPlain = v: lib.isString v;
 in {
-  users.users.${myvars.username} = {
-    description = myvars.userfullname;
-    openssh.authorizedKeys.keys = myvars.sshAuthorizedKeys;
-  };
-
   programs.mosh.enable = true; # Alternative of SSH for high latency connections
   programs.ssh.knownHosts =
     lib.mapAttrs'
os-modules/nixos/base/user-group.nix
@@ -1,13 +1,5 @@
-{
-  myvars,
-  config,
-  ...
-}: {
-  # Don't allow mutation of users outside the config.
-  users.mutableUsers = false;
-
+{myvars, ...}: {
   users.groups = {
-    "${myvars.username}" = {};
     ssh-secrets-users = {};
   };
 
@@ -15,13 +7,7 @@
     # generated by `mkpasswd -m scrypt`
     # we have to use initialHashedPassword here when using tmpfs for /
     inherit (myvars) initialHashedPassword;
-    home = "/home/${myvars.username}";
-    isNormalUser = true;
     extraGroups = [
-      myvars.username
-      "users"
-      "networkmanager"
-      "wheel"
       "aria2"
       "ssh-secrets-users"
     ];
@@ -30,6 +16,5 @@
   # root's ssh key are mainly used for remote deployment
   users.users.root = {
     inherit (myvars) initialHashedPassword;
-    openssh.authorizedKeys.keys = myvars.sshAuthorizedKeys;
   };
 }