nixos: define user limits

2026-04-18 18:36:48 -04:00
parent a55f91f316
commit 8c1fa8e08d
1 changed files with 50 additions and 25 deletions
@@ -1,27 +1,52 @@
-{ pkgs, ... }:
+{ lib, ... }:
-{
+let
-  users.users =
+  inherit (lib) optionals;
    let
      adminGroups = [
        "adm"
        "named"
        "networkmanager"
        "nginx"
        "tuxcord"
        "wheel"
      ];
    in
    {
      error = {
        isNormalUser = true;
        shell = pkgs.fish;
        extraGroups = adminGroups;
      };
-      javalsai = {
+  adminGroups = [
-        isNormalUser = true;
+    "adm"
-        shell = pkgs.zsh;
+    "named"
-        extraGroups = adminGroups;
+    "networkmanager"
-      };
+    "nginx"
    "tuxcord"
    "wheel"
  ];
  mkUser = name: uid: options: {
    users.users.${name} = {
      isNormalUser = true;
      extraGroups = optionals options.admin adminGroups;
      inherit uid;
    };
-}
+
    systemd.slices."user-${uid}".sliceConfig = {
      CPUQuota = "50%";
      CPUWeight = "10";
      IOAccounting = true;
      IOWeight = "10";
      MemoryMax = "2G";
      MemorySwapMax = "1G";
      TasksMax = "100";
    };
  };
 in
 map (user: mkUser user.name user.uid user.options) [
  {
    name = "error";
    uid = 1000;
    options.admin = true;
  }
  {
    name = "javalsai";
    uid = 1001;
    options.admin = true;
  }
  {
    name = "max";
    uid = 1002;
    options.admin = true;
  }
  {
    name = "vectorum";
    uid = 1003;
  }
 ]