From 16f28bf227d5c012ebf32b76ea14922859af852c Mon Sep 17 00:00:00 2001 From: Mohammad Rafiq Date: Thu, 27 Mar 2025 02:49:54 +0800 Subject: [PATCH] refactor: revert username global var --- flake.nix | 8 +++++--- systems/default.nix | 24 +++--------------------- systems/modules/programs/getty.nix | 3 +-- systems/modules/programs/hyprlock.nix | 3 +-- systems/modules/programs/tailscale.nix | 2 ++ systems/modules/security.nix | 9 +++++++++ systems/modules/security/sops.nix | 8 ++++++++ systems/modules/stylix.nix | 6 +++--- systems/modules/users.nix | 16 ++++++++++++++++ systems/modules/users/rafiq.nix | 16 ++++++++++++++++ users/rafiq.nix | 6 ++---- 11 files changed, 66 insertions(+), 35 deletions(-) create mode 100644 systems/modules/programs/tailscale.nix create mode 100644 systems/modules/security.nix create mode 100644 systems/modules/security/sops.nix create mode 100644 systems/modules/users.nix create mode 100644 systems/modules/users/rafiq.nix diff --git a/flake.nix b/flake.nix index 1c8effb..4b0c851 100644 --- a/flake.nix +++ b/flake.nix @@ -5,7 +5,6 @@ ... }@inputs: let - username = "rafiq"; mkSystem = type: hostname: { name = "${hostname}"; value = @@ -16,13 +15,16 @@ inputs type hostname - username ; }; in inputs.nixpkgs.lib.nixosSystem { specialArgs = args; - modules = [ ./systems ]; + modules = [ + ./systems + inputs.home-manager.nixosModules.home-manager + inputs.sops-nix.nixosModules.sops + ]; }; }; in diff --git a/systems/default.nix b/systems/default.nix index d339a38..c61acfe 100644 --- a/systems/default.nix +++ b/systems/default.nix @@ -18,8 +18,8 @@ ./modules/bootloaders/systemd-boot.nix ./modules/programs/zsh.nix ./modules/hardware/networking.nix - inputs.sops-nix.nixosModules.sops - inputs.home-manager.nixosModules.home-manager + ./modules/security.nix + ./modules/users.nix ] # Options for desktops. (lib.optionals (type == "desktop") [ 
@@ -53,29 +53,16 @@ "sd_mod" ]; }; + home-manager = { useGlobalPkgs = true; useUserPackages = true; extraSpecialArgs = specialArgs; - users.${username}.imports = [ ../users/rafiq.nix ]; }; system.stateVersion = "24.11"; users.mutableUsers = false; # Always reset users on system activation - users.users.${username} = { - isNormalUser = true; - description = "${username}"; - hashedPasswordFile = config.sops.secrets.password.path; - extraGroups = [ - "networkmanager" - "wheel" - ]; - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILdsZyY3gu8IGB8MzMnLdh+ClDxQQ2RYG9rkeetIKq8n" - ]; - }; - security.sudo.wheelNeedsPassword = false; nixpkgs.config.allowUnfree = true; nix = { @@ -108,9 +95,4 @@ i18n.defaultLocale = "en_SG.UTF-8"; - sops = { - defaultSopsFile = ../secrets/secrets.yaml; - age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; - secrets.password.neededForUsers = true; - }; } diff --git a/systems/modules/programs/getty.nix b/systems/modules/programs/getty.nix index 4a4f129..08faabb 100644 --- a/systems/modules/programs/getty.nix +++ b/systems/modules/programs/getty.nix @@ -1,6 +1,5 @@ -{ username, ... }: { services.getty = { - autologinUser = "${username}"; + autologinUser = "rafiq"; }; } diff --git a/systems/modules/programs/hyprlock.nix b/systems/modules/programs/hyprlock.nix index fa96f41..71e06ca 100644 --- a/systems/modules/programs/hyprlock.nix +++ b/systems/modules/programs/hyprlock.nix @@ -2,7 +2,6 @@ inputs, hostname, pkgs, - username, ... }: let @@ -18,7 +17,7 @@ let in { security.pam.services.hyprlock = { }; - home-manager.users.${username} = { + home-manager.users.rafiq = { programs.hyprlock = { enable = true; package = inputs.hyprlock.packages.${pkgs.stdenv.hostPlatform.system}.hyprlock; diff --git a/systems/modules/programs/tailscale.nix b/systems/modules/programs/tailscale.nix new file mode 100644 index 0000000..2c63c08 --- /dev/null +++ b/systems/modules/programs/tailscale.nix @@ -0,0 +1,2 @@ +{ +} 
diff --git a/systems/modules/security.nix b/systems/modules/security.nix new file mode 100644 index 0000000..4fafcfb --- /dev/null +++ b/systems/modules/security.nix @@ -0,0 +1,9 @@ +{ + sops = { + defaultSopsFile = ../../secrets/secrets.yaml; + age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; + secrets.password.neededForUsers = true; + }; + + security.sudo.wheelNeedsPassword = false; +} diff --git a/systems/modules/security/sops.nix b/systems/modules/security/sops.nix new file mode 100644 index 0000000..55c6f5b --- /dev/null +++ b/systems/modules/security/sops.nix @@ -0,0 +1,8 @@ +{ inputs, ... }: +{ + sops = { + defaultSopsFile = ../../../secrets/secrets.yaml; + age.sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ]; + secrets.password.neededForUsers = true; + }; +} diff --git a/systems/modules/stylix.nix b/systems/modules/stylix.nix index 571ef14..1dade38 100644 --- a/systems/modules/stylix.nix +++ b/systems/modules/stylix.nix @@ -1,4 +1,4 @@ -{ inputs, username, ... }: +{ inputs, ... }: let opacity = 0.8; toImport = [ @@ -25,12 +25,12 @@ in fonts.enableDefaultPackages = true; imports = [ inputs.stylix.nixosModules.stylix ] ++ toImport; - home-manager.users.${username}.imports = [ inputs.stylix.homeManagerModules.stylix ] ++ toImport; + home-manager.users.rafiq.imports = [ inputs.stylix.homeManagerModules.stylix ] ++ toImport; # Put options that only exist in the NixOS module here. stylix.homeManagerIntegration.autoImport = false; stylix.homeManagerIntegration.followSystem = false; # Put options that only exist in the home-manager module here. - # home-manager.users.${username}.stylix = {}; + # home-manager.users.rafiq.stylix = {}; } diff --git a/systems/modules/users.nix b/systems/modules/users.nix new file mode 100644 index 0000000..f9b11af --- /dev/null +++ b/systems/modules/users.nix 
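Review bot: `security.sudo.wheelNeedsPassword = false;` in the new systems/modules/security.nix lets every member of `wheel` run sudo without a password. The account declared in systems/modules/users.nix is in `wheel`, accepts an SSH key, and is the `autologinUser` in getty.nix. On a host that loads all three modules, a console session or any process running as that user reaches root with no authentication step in between. I would drop the line so the NixOS default (`true`) applies, or, if passwordless sudo is intended, record why next to it, e.g. `# passwordless sudo is deliberate: <reason>`. Which hosts import getty.nix is not visible in this patch.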
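Review bot: This file repeats the `sops` block that systems/modules/security.nix already declares, and the import list in systems/default.nix names only `./modules/security.nix`, so this copy appears to be unused. systems/modules/users/rafiq.nix duplicates systems/modules/users.nix in the same way. Two copies of secret and privileged-account settings can drift, for example when an authorized key or the age key path is updated in one file only. Keep a single definition: delete the nested files, or have the top-level module pull them in with `imports = [ ./security/sops.nix ];` and remove its inline block. The `inputs` argument is unused in both nested files.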
@@ -0,0 +1,16 @@ +{ config, ... }: +{ + home-manager.users.rafiq.imports = [ ../../users/rafiq.nix ]; + users.users.rafiq = { + isNormalUser = true; + description = "rafiq"; + hashedPasswordFile = config.sops.secrets.password.path; + extraGroups = [ + "networkmanager" + "wheel" + ]; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILdsZyY3gu8IGB8MzMnLdh+ClDxQQ2RYG9rkeetIKq8n" + ]; + }; +} diff --git a/systems/modules/users/rafiq.nix b/systems/modules/users/rafiq.nix new file mode 100644 index 0000000..93906b4 --- /dev/null +++ b/systems/modules/users/rafiq.nix @@ -0,0 +1,16 @@ +{ inputs, config, ... }: +{ + home-manager.users.rafiq.imports = [ ../../../users/rafiq.nix ]; + users.users.rafiq = { + isNormalUser = true; + description = "rafiq"; + hashedPasswordFile = config.sops.secrets.password.path; + extraGroups = [ + "networkmanager" + "wheel" + ]; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILdsZyY3gu8IGB8MzMnLdh+ClDxQQ2RYG9rkeetIKq8n" + ]; + }; +} diff --git a/users/rafiq.nix b/users/rafiq.nix index 8c9841a..7fadc87 100644 --- a/users/rafiq.nix +++ b/users/rafiq.nix @@ -1,8 +1,6 @@ { pkgs, inputs, - lib, - username, ... }: { @@ -57,8 +55,8 @@ }; home = { - username = "${username}"; - homeDirectory = "/home/${username}"; + username = "rafiq"; + homeDirectory = "/home/rafiq"; # This defines the version home-manager # was originally bulit against on this system.
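Review bot: `hashedPasswordFile = config.sops.secrets.password.path;` in systems/modules/users.nix depends on a secret declared in a different module (security.nix, with `neededForUsers = true`), and nothing in this file says so. systems/default.nix keeps `users.mutableUsers = false`, so that secret is the only password source set for this account in the visible config. I would add a comment above the line, such as `# hash comes from the sops secret "password", declared with neededForUsers in ./security.nix`. A short comment on the `"wheel"` entry noting that it currently implies passwordless root would also help the next reader.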