nixos: define user limits

2026-04-18 18:36:48 -04:00
parent a55f91f316
commit 9a3da4124c
1 changed files with 50 additions and 25 deletions
@@ -1,7 +1,7 @@
-{ pkgs, ... }:
+{ lib, ... }:
 {
  users.users =
 let
  inherit (lib) optionals;
  adminGroups = [
    "adm"
    "named"
@@ -10,18 +10,43 @@
    "tuxcord"
    "wheel"
  ];
-    in
+
-    {
+  mkUser = name: uid: options: {
-      error = {
+    users.users.${name} = {
      isNormalUser = true;
-        shell = pkgs.fish;
+      extraGroups = optionals options.admin adminGroups;
-        extraGroups = adminGroups;
+      inherit uid;
    };
-      javalsai = {
+    systemd.slices."user-${uid}".sliceConfig = {
-        isNormalUser = true;
+      CPUQuota = "50%";
-        shell = pkgs.zsh;
+      CPUWeight = "10";
-        extraGroups = adminGroups;
+      IOAccounting = true;
      IOWeight = "10";
      MemoryMax = "2G";
      MemorySwapMax = "1G";
      TasksMax = "100";
    };
  };
 in
 map (user: mkUser user.name user.uid user.options) [
  {
    name = "error";
    uid = 1000;
    options.admin = true;
  }
  {
    name = "javalsai";
    uid = 1001;
    options.admin = true;
  }
  {
    name = "deadvey";
    uid = 1002;
    options.admin = true;
  }
  {
    name = "vectorum";
    uid = 1003;
  }
 ]