[NixOS] Add railbird user

This commit is contained in:
Ivan Malison 2024-06-10 16:13:19 -06:00
parent b9f87ac490
commit cef3b04ebd
3 changed files with 175 additions and 10 deletions

View File

@ -21,6 +21,30 @@
"type": "github" "type": "github"
} }
}, },
"agenix_2": {
"inputs": {
"darwin": "darwin_2",
"home-manager": "home-manager_3",
"nixpkgs": [
"railbird-secrets",
"nixpkgs"
],
"systems": "systems_4"
},
"locked": {
"lastModified": 1707830867,
"narHash": "sha256-PAdwm5QqdlwIqGrfzzvzZubM+FXtilekQ/FA0cI49/o=",
"owner": "ryantm",
"repo": "agenix",
"rev": "8cb01a0e717311680e0cbca06a76cbceba6f3ed6",
"type": "github"
},
"original": {
"owner": "ryantm",
"repo": "agenix",
"type": "github"
}
},
"darwin": { "darwin": {
"inputs": { "inputs": {
"nixpkgs": [ "nixpkgs": [
@ -43,6 +67,29 @@
"type": "github" "type": "github"
} }
}, },
"darwin_2": {
"inputs": {
"nixpkgs": [
"railbird-secrets",
"agenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1700795494,
"narHash": "sha256-gzGLZSiOhf155FW7262kdHo2YDeugp3VuIFb4/GGng0=",
"owner": "lnl7",
"repo": "nix-darwin",
"rev": "4b9b83d5a92e8c1fbfd8eb27eda375908c11ec4d",
"type": "github"
},
"original": {
"owner": "lnl7",
"ref": "master",
"repo": "nix-darwin",
"type": "github"
}
},
"flake-compat": { "flake-compat": {
"flake": false, "flake": false,
"locked": { "locked": {
@ -245,6 +292,24 @@
"inputs": { "inputs": {
"systems": "systems_5" "systems": "systems_5"
}, },
"locked": {
"lastModified": 1709126324,
"narHash": "sha256-q6EQdSeUZOG26WelxqkmR7kArjgWCdw5sfJVHPH/7j8=",
"owner": "numtide",
"repo": "flake-utils",
"rev": "d465f4819400de7c8d874d50b982301f28a84605",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "flake-utils",
"type": "github"
}
},
"flake-utils_6": {
"inputs": {
"systems": "systems_7"
},
"locked": { "locked": {
"lastModified": 1685518550, "lastModified": 1685518550,
"narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=", "narHash": "sha256-o2d0KcvaXzTrPRIo0kOLV0/QXHhDQ5DTi+OxcjO8xqY=",
@ -259,9 +324,9 @@
"type": "github" "type": "github"
} }
}, },
"flake-utils_6": { "flake-utils_7": {
"inputs": { "inputs": {
"systems": "systems_6" "systems": "systems_8"
}, },
"locked": { "locked": {
"lastModified": 1681202837, "lastModified": 1681202837,
@ -536,7 +601,7 @@
"haskell-language-server_2": { "haskell-language-server_2": {
"inputs": { "inputs": {
"flake-compat": "flake-compat_4", "flake-compat": "flake-compat_4",
"flake-utils": "flake-utils_5", "flake-utils": "flake-utils_6",
"fourmolu-011": "fourmolu-011_2", "fourmolu-011": "fourmolu-011_2",
"fourmolu-012": "fourmolu-012_2", "fourmolu-012": "fourmolu-012_2",
"gitignore": "gitignore_2", "gitignore": "gitignore_2",
@ -548,7 +613,7 @@
"lsp": "lsp_2", "lsp": "lsp_2",
"lsp-test": "lsp-test_2", "lsp-test": "lsp-test_2",
"lsp-types": "lsp-types_2", "lsp-types": "lsp-types_2",
"nixpkgs": "nixpkgs_7", "nixpkgs": "nixpkgs_8",
"ormolu-052": "ormolu-052_2", "ormolu-052": "ormolu-052_2",
"ormolu-07": "ormolu-07_2", "ormolu-07": "ormolu-07_2",
"stylish-haskell-0145": "stylish-haskell-0145_2" "stylish-haskell-0145": "stylish-haskell-0145_2"
@ -713,6 +778,28 @@
"type": "github" "type": "github"
} }
}, },
"home-manager_3": {
"inputs": {
"nixpkgs": [
"railbird-secrets",
"agenix",
"nixpkgs"
]
},
"locked": {
"lastModified": 1703113217,
"narHash": "sha256-7ulcXOk63TIT2lVDSExj7XzFx09LpdSAPtvgtM7yQPE=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "3bfaacf46133c037bb356193bd2f1765d9dc82c1",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "home-manager",
"type": "github"
}
},
"imalison-taffybar": { "imalison-taffybar": {
"inputs": { "inputs": {
"flake-utils": [ "flake-utils": [
@ -1051,6 +1138,22 @@
} }
}, },
"nixpkgs_7": { "nixpkgs_7": {
"locked": {
"lastModified": 1709703039,
"narHash": "sha256-6hqgQ8OK6gsMu1VtcGKBxKQInRLHtzulDo9Z5jxHEFY=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "9df3e30ce24fd28c7b3e2de0d986769db5d6225d",
"type": "github"
},
"original": {
"owner": "NixOS",
"ref": "nixos-unstable",
"repo": "nixpkgs",
"type": "github"
}
},
"nixpkgs_8": {
"locked": { "locked": {
"lastModified": 1686874404, "lastModified": 1686874404,
"narHash": "sha256-u2Ss8z+sGaVlKtq7sCovQ8WvXY+OoXJmY1zmyxITiaY=", "narHash": "sha256-u2Ss8z+sGaVlKtq7sCovQ8WvXY+OoXJmY1zmyxITiaY=",
@ -1066,7 +1169,7 @@
"type": "github" "type": "github"
} }
}, },
"nixpkgs_8": { "nixpkgs_9": {
"locked": { "locked": {
"lastModified": 1682134069, "lastModified": 1682134069,
"narHash": "sha256-TnI/ZXSmRxQDt2sjRYK/8j8iha4B4zP2cnQCZZ3vp7k=", "narHash": "sha256-TnI/ZXSmRxQDt2sjRYK/8j8iha4B4zP2cnQCZZ3vp7k=",
@ -1187,6 +1290,26 @@
"type": "github" "type": "github"
} }
}, },
"railbird-secrets": {
"inputs": {
"agenix": "agenix_2",
"flake-utils": "flake-utils_5",
"nixpkgs": "nixpkgs_7"
},
"locked": {
"lastModified": 1718057406,
"narHash": "sha256-PUqnLMxAOlWVkNIpltxP8lNlz5OyxpYN6K9hl45WrAk=",
"ref": "refs/heads/master",
"rev": "971e616e67e07c1ef5a8933fbb0a504178353be2",
"revCount": 49,
"type": "git",
"url": "ssh://gitea@dev.railbird.ai:1123/railbird/secrets-flake.git"
},
"original": {
"type": "git",
"url": "ssh://gitea@dev.railbird.ai:1123/railbird/secrets-flake.git"
}
},
"root": { "root": {
"inputs": { "inputs": {
"agenix": "agenix", "agenix": "agenix",
@ -1203,8 +1326,9 @@
"nixpkgs": "nixpkgs_5", "nixpkgs": "nixpkgs_5",
"nixpkgs-regression": "nixpkgs-regression_2", "nixpkgs-regression": "nixpkgs-regression_2",
"notifications-tray-icon": "notifications-tray-icon", "notifications-tray-icon": "notifications-tray-icon",
"railbird-secrets": "railbird-secrets",
"status-notifier-item": "status-notifier-item", "status-notifier-item": "status-notifier-item",
"systems": "systems_4", "systems": "systems_6",
"taffybar": "taffybar", "taffybar": "taffybar",
"vscode-server": "vscode-server", "vscode-server": "vscode-server",
"xmonad": "xmonad", "xmonad": "xmonad",
@ -1380,6 +1504,36 @@
"type": "github" "type": "github"
} }
}, },
"systems_7": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"systems_8": {
"locked": {
"lastModified": 1681028828,
"narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=",
"owner": "nix-systems",
"repo": "default",
"rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e",
"type": "github"
},
"original": {
"owner": "nix-systems",
"repo": "default",
"type": "github"
}
},
"taffybar": { "taffybar": {
"inputs": { "inputs": {
"flake-utils": [ "flake-utils": [
@ -1452,8 +1606,8 @@
}, },
"vscode-server": { "vscode-server": {
"inputs": { "inputs": {
"flake-utils": "flake-utils_6", "flake-utils": "flake-utils_7",
"nixpkgs": "nixpkgs_8" "nixpkgs": "nixpkgs_9"
}, },
"locked": { "locked": {
"lastModified": 1713958148, "lastModified": 1713958148,

View File

@ -1,5 +1,8 @@
{ {
inputs = { inputs = {
railbird-secrets = {
url = "git+ssh://gitea@dev.railbird.ai:1123/railbird/secrets-flake.git";
};
nixos-hardware = { url = "github:colonelpanic8/nixos-hardware"; }; nixos-hardware = { url = "github:colonelpanic8/nixos-hardware"; };
nixpkgs = { nixpkgs = {
@ -152,7 +155,10 @@
inherit inputs machineNames; inherit inputs machineNames;
makeEnable = (import ./make-enable.nix) nixpkgs.lib; makeEnable = (import ./make-enable.nix) nixpkgs.lib;
keys = (import ./keys.nix); keys = (import ./keys.nix);
usersInfo = (import ./users.nix) { pkgs = { zsh = "zsh"; }; keys = keys; }; usersInfo = (import ./users.nix) {
pkgs = { zsh = "zsh"; };
inherit keys inputs system;
};
realUsers = (builtins.attrNames realUsers = (builtins.attrNames
(nixpkgs.lib.filterAttrs (nixpkgs.lib.filterAttrs
(_: value: (builtins.elem "isNormalUser" (builtins.attrNames value)) && value.isNormalUser) usersInfo.users.users) (_: value: (builtins.elem "isNormalUser" (builtins.attrNames value)) && value.isNormalUser) usersInfo.users.users)

View File

@ -1,4 +1,4 @@
{ pkgs, keys, ... }: { pkgs, keys, inputs, system, ... }:
let let
extraGroups = [ extraGroups = [
"audio" "audio"
@ -89,6 +89,11 @@ in
name = "ben"; name = "ben";
openssh.authorizedKeys.keys = benKeys ++ kanivanKeys; openssh.authorizedKeys.keys = benKeys ++ kanivanKeys;
}; };
railbird = userDefaults // {
inherit extraGroups;
name = "railbird";
openssh.authorizedKeys.keys = inputs.railbird-secrets.keys.railbirdAdminKeys;
};
}; };
nix.sshServe = { nix.sshServe = {