66 lines
1.8 KiB
Nix
66 lines
1.8 KiB
Nix
{ lib, self, ... }:
|
|
let
|
|
inherit (self.lib) users;
|
|
|
|
adminGroups = [
|
|
"adm"
|
|
"named"
|
|
"networkmanager"
|
|
"nginx"
|
|
"tuxcord"
|
|
"wheel"
|
|
];
|
|
|
|
mkUser = name: uid: admin: {
|
|
users.users.${name} = {
|
|
inherit uid;
|
|
isNormalUser = true;
|
|
extraGroups = lib.optionals admin adminGroups;
|
|
openssh.authorizedKeys.keys = self.lib.getSSHKeys name;
|
|
};
|
|
|
|
systemd.slices."user-${builtins.toString uid}".sliceConfig = {
|
|
CPUQuota = "50%";
|
|
CPUWeight = "10";
|
|
IOAccounting = true;
|
|
IOWeight = "10";
|
|
MemoryMax = "2G";
|
|
MemorySwapMax = "1G";
|
|
TasksMax = "100";
|
|
};
|
|
};
|
|
in
|
|
lib.recursiveUpdate
|
|
(builtins.foldl'
|
|
(attrs: user: {
|
|
options = lib.recursiveUpdate attrs.options (
|
|
mkUser user.name attrs.uid (user.value.admin or false)
|
|
);
|
|
uid = attrs.uid + 1;
|
|
})
|
|
{
|
|
options = { };
|
|
uid = 1000;
|
|
}
|
|
(lib.attrsToList users)
|
|
).options
|
|
{
|
|
users = {
|
|
motd = ''
|
|
__ __ __
|
|
---------/\ \__ /\ \ /\ \__
|
|
---------\ \ ,_\ __ __ __ _ ___ ___ _ __ \_\ \ ___ __\ \ ,_\
|
|
----------\ \ \/ /\ \/\ \/\ \/'\ /'___\ / __`\/\`'__\/'_` \ /'_ `\ /'__`\ \ \/
|
|
-----------\ \ \_\ \ \_\ \/> <//\ \__//\ \L\ \ \ \//\ \L\ \ __/\ \/\ \/\ __/\ \ \_
|
|
------------\ \__\\ \____//\_/\_\ \____\ \____/\ \_\\ \___,_\/\_\ \_\ \_\ \____\\ \__\
|
|
-------------\/__/ \/___/ \//\/_/\/____/\/___/ \/_/ \/__,_ /\/_/\/_/\/_/\/____/ \/__/
|
|
A friendly Linux community - est. July 2023
|
|
'';
|
|
|
|
users.root = {
|
|
initialPassword = "tuxcord";
|
|
openssh.authorizedKeys.keys = self.lib.adminSSHKeys;
|
|
};
|
|
};
|
|
}
|