Merge pull request 'web01: add dev integration' (#93) from Mic92-main into main

2023-09-06 09:22:07 +00:00 · 2023-09-06 09:22:07 +00:00 · bcbbabba9f
commit bcbbabba9f
parent 9154f39c7f 466926665e
5 changed files with 94 additions and 4 deletions
--- a/modules/admins.nix
+++ b/modules/admins.nix
@ -0,0 +1,35 @@
+let
+  admins = builtins.fromJSON (builtins.readFile ../targets/admins/users.json);
+in
+{
+  users.users = {
+    mic92 = {
+      isNormalUser = true;
+      home = "/home/joerg";
+      extraGroups = [ "wheel" ];
+      shell = "/run/current-system/sw/bin/zsh";
+      uid = 1000;
+      openssh.authorizedKeys.keys = [ admins.mic92 ];
+    };
+    lassulus = {
+      isNormalUser = true;
+      home = "/home/lassulus";
+      extraGroups = [ "wheel" ];
+      shell = "/run/current-system/sw/bin/zsh";
+      uid = 1001;
+      openssh.authorizedKeys.keys = [ admins.lassulus ];
+    };
+    dave = {
+      isNormalUser = true;
+      home = "/home/dave";
+      extraGroups = [ "wheel" ];
+      shell = "/run/current-system/sw/bin/fish";
+      uid = 1002;
+      openssh.authorizedKeys.keys = [ admins.dave ];
+    };
+
+    root.openssh.authorizedKeys.keys = builtins.attrValues admins;
+  };
+
+  security.sudo.wheelNeedsPassword = false;
+}
--- a/modules/dev.nix
+++ b/modules/dev.nix
@ -0,0 +1,57 @@
+# Mostly used by web01.numtide.com
+{ pkgs, ... }:
+{
+  environment.systemPackages = [
+    pkgs.bat
+    pkgs.delta
+    pkgs.fd
+    pkgs.fzf
+    pkgs.git
+    pkgs.git-absorb
+    pkgs.hub
+    pkgs.gh
+    pkgs.lazygit
+    pkgs.ripgrep
+    pkgs.tig
+    pkgs.tmux
+    pkgs.direnv
+  ];
+
+  programs.bash = {
+    loginShellInit = ''
+      # Initialize direnv shell integration
+      eval "$(direnv hook bash)"
+    '';
+  };
+
+  programs.zsh = {
+    enable = true;
+    ohMyZsh.enable = true;
+    ohMyZsh.theme = "robbyrussell";
+    autosuggestions.enable = true;
+    syntaxHighlighting.enable = true;
+    loginShellInit = ''
+      # Initialize direnv shell integration
+      eval "$(direnv hook zsh)"
+
+      # if the user do not have a zshrc yet, create it
+      if [[ ! -f ~/.zshrc ]]; then
+        touch ~/.zshrc
+      fi
+
+      if [[ -n "''${commands[fzf-share]}" ]]; then
+        FZF_CTRL_R_OPTS=--reverse
+        source "$(fzf-share)/key-bindings.zsh"
+      fi
+    '';
+  };
+
+  services.eternal-terminal.enable = true;
+  networking.firewall.allowedTCPPorts = [ 2022 ];
+
+  # Enable mosh
+  programs.mosh.enable = true;
+
+  users.defaultUserShell = "/run/current-system/sw/bin/zsh";
+  users.users.root.shell = "/run/current-system/sw/bin/bash";
+}
--- a/modules/flake-module.nix
+++ b/modules/flake-module.nix
@ -7,6 +7,7 @@
      { networking.firewall.allowedTCPPorts = [ 9273 ]; }

      inputs.clan-core.nixosModules.clanCore
+      ./admins.nix
      {
        # TODO: use buildClan
        clanCore.clanDir = "${./..}";
--- a/modules/web01/default.nix
+++ b/modules/web01/default.nix
@ -10,6 +10,7 @@
    ./jobs.nix
    ../zerotier
    ../zerotier/ctrl.nix
+    ../dev.nix
  ];

  services.cloud-init.xfs.enable = true;
--- a/targets/web01/configuration.nix
+++ b/targets/web01/configuration.nix
@ -1,7 +1,4 @@
 { self, config, ... }:
-let
-  admins = builtins.fromJSON (builtins.readFile ../admins/users.json);
-in
 {
  imports = [
    self.nixosModules.web01
@ -9,7 +6,6 @@ in
  ];
  networking.hostName = "web01";
  systemd.network.networks."10-uplink".networkConfig.Address = "2a01:4f9:3080:418b::1";
-  users.users.root.openssh.authorizedKeys.keys = builtins.attrValues admins;

  clan.networking.ipv4.address = "65.21.12.51";
  clan.networking.ipv4.gateway = "65.21.12.1";