feat: flake interface definition

2025-04-05 11:33:18 +02:00 · 2025-04-05 11:33:18 +02:00 · b4625b5719
commit b4625b5719
8 changed files with 93 additions and 0 deletions
--- a/flake.nix
+++ b/flake.nix
@ -0,0 +1,12 @@
+{
+  inputs = {
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.11";
+  };
+
+  outputs = inputs: {
+    nixosModules = {
+      users = (import ./users) inputs;
+      hosts = (import ./hosts) inputs;
+    };
+  };
+}
--- a/hosts/default.nix
+++ b/hosts/default.nix
@ -0,0 +1,9 @@
+inputs @ {nixpkgs, ...}:
+let
+  inherit (nixpkgs) lib;
+  isDir = _name: type: type == "directory";
+  directoriesAsModules = dir: (builtins.mapAttrs
+    (name: _value: dir + "/${name}")
+    (lib.filterAttrs isDir (builtins.readDir dir))
+  );
+in directoriesAsModules ./.
--- a/hosts/git.example.tld/default.nix
+++ b/hosts/git.example.tld/default.nix
@ -0,0 +1,8 @@
+inputs @ {config, ...}:
+let
+  allusers = (import ../../users) inputs;
+{
+  users.users = {
+    inherit (allUsers) alice bob;
+  }
+}
--- a/hosts/web.example.org/default.nix
+++ b/hosts/web.example.org/default.nix
@ -0,0 +1,8 @@
+inputs @ {config, ...}:
+let
+  allusers = (import ../../users) inputs;
+{
+  users.users = {
+    inherit (allUsers) alice bob mallory root;
+  }
+}
--- a/users/alice/default.nix
+++ b/users/alice/default.nix
@ -0,0 +1,13 @@
+{config, lib, pkgs, ...}:
+{
+  isNormalUser = true;
+  description = "Alice Lastname";
+  packages = with pkgs; [
+    "firefox"
+    "element-desktop"
+  ];
+  extraGroups = [
+    "audio"
+    "video"
+  ];
+}
--- a/users/bob/default.nix
+++ b/users/bob/default.nix
@ -0,0 +1,14 @@
+{config, lib, pkgs, ...}:
+{
+  isNormalUser = true;
+  description = "Bob TheBuilder";
+  packages = with pkgs; [
+    "firefox-beta"
+    "element-desktop"
+  ];
+  extraGroups = [
+    "audio"
+    "video"
+    "docker"
+  ];
+}
--- a/users/default.nix
+++ b/users/default.nix
@ -0,0 +1,18 @@
+{config, lib, ...}:
+let
+  alice = import ./alice;
+  bob = import ./bob;
+  mallory = import ./mallory;
+  isSystemUser = _name: userConfig: userConfig.isSystemUser == true;
+in
+{
+  users.users = {
+    inherit alice;
+    inherit bob;
+    root = {
+      openssh.authorizedKeys.keys = lib.lists.flatten (attrValues (lib.mapAttrs
+        (_name: userConfig: userConfig.openssh.authorizedKeys.keys)
+        (lib.filterAttrs isSystemUser config.users.users)))
+    };
+  };
+}
--- a/users/mallory/default.nix
+++ b/users/mallory/default.nix
@ -0,0 +1,11 @@
+{config, lib, pkgs, ...}:
+{
+  isSystemUser = true;
+  description = "muahahaaa";
+  packages = with pkgs; [
+    "mtr"
+    "nmap"
+    "pwntools"
+    "hexedit"
+  ];
+}