diff --git a/modules/admins.nix b/modules/admins.nix
new file mode 100644
index 0000000..ed89925
--- /dev/null
+++ b/modules/admins.nix
@@ -0,0 +1,35 @@
+let
+ admins = builtins.fromJSON (builtins.readFile ../targets/admins/users.json);
+in
+{
+ users.users = {
+ mic92 = {
+ isNormalUser = true;
+ home = "/home/joerg";
+ extraGroups = [ "wheel" ];
+ shell = "/run/current-system/sw/bin/zsh";
+ uid = 1000;
+ openssh.authorizedKeys.keys = [ admins.mic92 ];
+ };
+ lassulus = {
+ isNormalUser = true;
+ home = "/home/lassulus";
+ extraGroups = [ "wheel" ];
+ shell = "/run/current-system/sw/bin/zsh";
+ uid = 1001;
+ openssh.authorizedKeys.keys = [ admins.lassulus ];
+ };
+ dave = {
+ isNormalUser = true;
+ home = "/home/dave";
+ extraGroups = [ "wheel" ];
+ shell = "/run/current-system/sw/bin/fish";
+ uid = 1002;
+ openssh.authorizedKeys.keys = [ admins.dave ];
+ };
+
+ root.openssh.authorizedKeys.keys = builtins.attrValues admins;
+ };
+
+ security.sudo.wheelNeedsPassword = false;
+}
diff --git a/modules/dev.nix b/modules/dev.nix
new file mode 100644
index 0000000..3da94c3
--- /dev/null
+++ b/modules/dev.nix
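Review bot: In modules/admins.nix, `root.openssh.authorizedKeys.keys = builtins.attrValues admins;` keeps direct root SSH login for every admin key even though the same hunk gives each admin a personal `wheel` account and sets `security.sudo.wheelNeedsPassword = false`, so root sessions cannot be attributed to a person in the auth log and a single stolen key is immediate root either way. Because `./admins.nix` is added to the list in modules/flake-module.nix, this presumably now applies to every host built from that list, not only web01 where the root keys were set before. If nothing depends on root SSH, drop the root line; if deployment tooling does need it, keep it and say so with a comment such as `# root SSH kept for deployments; interactive admin work goes through personal accounts + sudo`. A short comment above `security.sudo.wheelNeedsPassword = false;` noting that the accounts defined here set no password and authenticate by SSH key only would also help the next reader.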
@@ -0,0 +1,57 @@
+# Mostly used by web01.numtide.com
+{ pkgs, ... }:
+{
+ environment.systemPackages = [
+ pkgs.bat
+ pkgs.delta
+ pkgs.fd
+ pkgs.fzf
+ pkgs.git
+ pkgs.git-absorb
+ pkgs.hub
+ pkgs.gh
+ pkgs.lazygit
+ pkgs.ripgrep
+ pkgs.tig
+ pkgs.tmux
+ pkgs.direnv
+ ];
+
+ programs.bash = {
+ loginShellInit = ''
+ # Initialize direnv shell integration
+ eval "$(direnv hook bash)"
+ '';
+ };
+
+ programs.zsh = {
+ enable = true;
+ ohMyZsh.enable = true;
+ ohMyZsh.theme = "robbyrussell";
+ autosuggestions.enable = true;
+ syntaxHighlighting.enable = true;
+ loginShellInit = ''
+ # Initialize direnv shell integration
+ eval "$(direnv hook zsh)"
+
+ # if the user do not have a zshrc yet, create it
+ if [[ ! -f ~/.zshrc ]]; then
+ touch ~/.zshrc
+ fi
+
+ if [[ -n "''${commands[fzf-share]}" ]]; then
+ FZF_CTRL_R_OPTS=--reverse
+ source "$(fzf-share)/key-bindings.zsh"
+ fi
+ '';
+ };
+
+ services.eternal-terminal.enable = true;
+ networking.firewall.allowedTCPPorts = [ 2022 ];
+
+ # Enable mosh
+ programs.mosh.enable = true;
+
+ users.defaultUserShell = "/run/current-system/sw/bin/zsh";
+ users.users.root.shell = "/run/current-system/sw/bin/bash";
+}
diff --git a/modules/flake-module.nix b/modules/flake-module.nix
index 14d571e..6b9b79a 100644
--- a/modules/flake-module.nix
+++ b/modules/flake-module.nix
@@ -7,6 +7,7 @@ { networking.firewall.allowedTCPPorts = [ 9273 ]; } inputs.clan-core.nixosModules.clanCore + ./admins.nix { # TODO: use buildClan clanCore.clanDir = "${./..}";
diff --git a/modules/web01/default.nix b/modules/web01/default.nix
index 09ccfae..84f76f9 100644
--- a/modules/web01/default.nix
+++ b/modules/web01/default.nix
@@ -10,6 +10,7 @@ ./jobs.nix ../zerotier ../zerotier/ctrl.nix + ../dev.nix ]; services.cloud-init.xfs.enable = true;
diff --git a/targets/web01/configuration.nix b/targets/web01/configuration.nix
index 0d70840..ebde27e 100644
--- a/targets/web01/configuration.nix
+++ b/targets/web01/configuration.nix
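Review bot: `networking.firewall.allowedTCPPorts = [ 2022 ];` in modules/dev.nix opens the Eternal Terminal port on all interfaces, and as far as I know `programs.mosh.enable = true` also opens UDP 60000-61000 in the NixOS firewall by default. web01 imports this module and has a public address, so both listeners become reachable from the Internet alongside sshd. If admins reach the host over the ZeroTier network that web01 already imports, scope the rule to that interface with `networking.firewall.interfaces."<zerotier-interface>".allowedTCPPorts = [ 2022 ];` (the interface name is a placeholder). Otherwise add a comment on the line naming the service the port belongs to, e.g. `# eternal-terminal (etserver) listener`.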
@@ -1,7 +1,4 @@ { self, config, ... }: -let - admins = builtins.fromJSON (builtins.readFile ../admins/users.json); -in { imports = [ self.nixosModules.web01 @@ -9,7 +6,6 @@ in ]; networking.hostName = "web01"; systemd.network.networks."10-uplink".networkConfig.Address = "2a01:4f9:3080:418b::1"; - users.users.root.openssh.authorizedKeys.keys = builtins.attrValues admins; clan.networking.ipv4.address = "65.21.12.51"; clan.networking.ipv4.gateway = "65.21.12.1";