Various changes to config, see notes under the fold.

- Adds `mySSHKeys` via `inherit` from `system/sshKeys.nix` for easier setting of allowed SSH keys - Especially useful for self-built `x86_64-linux` NixOS ISO. - Swap where user groups are set to `system/users.nix` - Add `myOptions.isWSL` to identify if an environment is used in WSL or not. - Used for setting user groups between WSL and bare-metal. - Requires adding `myOptions` as module to WSL systems? - Need to investiage if this properly works on bare-metal machines - So likely needs tested in VM? - Added `myOptions.isWSL` option to `nixos-wsl` for group setting reasons, see above. - Fleshed out `nixosConfigurations.isoimage-pc` to make keep some tools handy for live environment. - Plus, gave ssh key access to `root` user on ISO. - Need to double check if `nixos` user needs keys too. - Is that user still even generated with current config? Need to test. - Added `unnix_script` to `home-manager` environment's `home.packages`, so I can remove Nix Store paths from text input easily for ease of comparing against other builds.
2024-06-09 05:05:25 -04:00 · 2024-06-09 05:05:25 -04:00 · d9046b8321
parent 1a6da08c20
commit d9046b8321
7 changed files with 141 additions and 11 deletions
--- a/chimchar-hold_for_flake.nix
+++ b/chimchar-hold_for_flake.nix
@ -91,11 +91,13 @@
            # Am I going to use "configuration.nix" in this next config?
            # Am I going to put it all into the flake itself?
            # Am I going to do something else?
-          ./system/chimchar/users.nix
          ./system/dotnet_os_codename-workaround.nix
            # Source of this fix file is
            # https://github.com/nazarewk-iac/nix-configs/blob/main/modules/ascii-workaround.nix
          ./system/nix_lix.nix
+            # Enable Nix fork "Lix" instead of default "Nix" version from
+            # upstream
+          ./system/users.nix
          lix-module.nixosModules.default
          home-manager.nixosModules.home-manager
          {
--- a/flake.nix
+++ b/flake.nix
@ -87,23 +87,48 @@
      system = "x86_64-linux";
      config.allowUnfree = true;
    };
+
+    inherit (import ./system/sshKeys.nix) mySSHKeys;
+    # inherit (import ./system/groups.nix) myWslGroups myHardwareGroups;
+
+    myOptions = { lib, ... }: {
+      options = {
+        isWSL = lib.mkOption {
+          default = false;
+          type = lib.types.bool;
+        };
+      };
+    };
+
  in
  {
+
    nixosConfigurations = {
      nixos-wsl = nixpkgs.lib.nixosSystem {
        system = "x86_64-linux";
        modules = [
+          myOptions
          ./system/nixos-wsl/configuration.nix
          ./system/dotnet_os_codename-workaround.nix
            # Source of this fix file is
            # https://github.com/nazarewk-iac/nix-configs/blob/main/modules/ascii-workaround.nix
          ./system/nix_lix.nix
+          ./system/users.nix
          nixos-wsl.nixosModules.wsl
          lix-module.nixosModules.default
          home-manager.nixosModules.home-manager
          {
            system.configurationRevision = self.shortRev or self.dirtyShortRev or "dirty";

+            isWSL = true;
+
+            users.users.whovian = {
+              # extraGroups = myWslGroups;
+                # See above "let" expression
+                # and/or look at "system/groups.nix"
+              openssh.authorizedKeys.keys = mySSHKeys;
+            };
+
            home-manager = {
              useGlobalPkgs = true;
              useUserPackages = true;
@ -134,26 +159,65 @@
        ];
      };

-      isoimage = nixpkgs.lib.nixosSystem {
+      isoimage-pc = nixpkgs.lib.nixosSystem {
+        # How to build:
+        # $ nix build .#nixosConfigurations.isoimage-pc.config.system.build.isoImage
+        # TODO: Add to "packages.x86_64-linux" later?
+        # "packages.x86_64-linux.isoimage-pc = self.<iso_entry>"
        system = "x86_64-linux";
        modules = [
-          # ./configuration.nix
+          "${nixpkgs}/nixos/modules/installer/cd-dvd/installation-cd-graphical-gnome.nix"
          {
-            nix = {
-              extraOptions = "
+            environment.systemPackages = [
+              pkgs._7zz
+              pkgs.bat
+              pkgs.dhex
+              pkgs.fd
+              pkgs.file
+              pkgs.git
+              pkgs.lynx
+              pkgs.ncdu
+              pkgs.progress
+              pkgs.ripgrep
+              pkgs.sshfs
+              pkgs.wget
+              pkgs.xxd
+              pkgs.yq
+              xil.packages.x86_64-linux.xil
+            ];
+
+            nix.extraOptions = ''
                experimental-features = nix-command flakes
-              ";
-            };
+              '';
+
            programs = {
+              nano.enable = true;
+              screen.enable = true;
              zsh = {
                enable = true;
+                # Honestly unsure if I should be using `programs.zsh.envExtra` or
+                # `programs.zsh.localVariables` here.
+              /*
+                localVariables = {
+                  DISABLE_MAGIC_FUNCTIONS = true;
+                };
+              */
+                ohMyZsh = {
+                  enable = true;
+                  theme = "bira";
+                };
              };
            };
+
            users = {
              defaultUserShell = pkgs.zsh;
+              users.root = {
+                shell = pkgs.zsh;
+                openssh.authorizedKeys.keys = mySSHKeys;
+                  # Check if needed for "nixos" ISO user.
+              };
            };
          }
-          "${nixpkgs}/nixos/modules/installer/cd-dvd/installation-cd-graphical-gnome.nix"
        ];
      };

--- a/home/pkgs_and_programs.nix
+++ b/home/pkgs_and_programs.nix
@ -22,9 +22,14 @@ let
        patches = [ ./packages/new_rclone/patches/rclone_8ffe3e462cbf5688c37c54009db09d8dcb486860.diff ];
      }
    );
+    unnix_script = pkgs.writeShellApplication {
+      name = "unnix";
+      /* runtimeInputs = [ sed ]; */
+      text = '' sed -r 's@/nix/store/[0-9a-z]{32}-@/<<NIX>>/@g' '';
+        # Quick command to remove Nix Store paths from output. Original source:
+        # https://trofi.github.io/posts/247-NixOS-22.05-release.html
+    };
  };
-
-
 in
 {
  programs = {
@ -126,6 +131,7 @@ in
    my_packages.sabretools
    my_packages.new_rclone
    my_packages.rom-properties
+    my_packages.unnix_script
    # my_packages.hactoolnet-bin

    agenix.packages.${system}.default
--- a/system/groups.nix
+++ b/system/groups.nix
@ -0,0 +1,23 @@
+{
+  myWslGroups = [
+    "wheel"
+      # Enable 'sudo' for the user.
+  ];
+
+  myHardwareGroups = [
+    "wheel"
+      # Enable 'sudo' for the user.
+    "networkmanager"
+      # Enable use of NetworkManager
+    "usb"
+      # This should enable access to usb devices.
+    "docker"
+      # Enable 'docker' for the user.
+  ];
+
+  users.groups = {
+    usb = {
+      # Placeholder to create group.
+    };
+  };
+}
--- a/system/nixos-wsl/configuration.nix
+++ b/system/nixos-wsl/configuration.nix
@ -9,7 +9,7 @@
 {
  imports = [
    ./packages.nix
-    ./users.nix
+    # ./users.nix
    ./wsl.nix
  ];

--- a/system/sshKeys.nix
+++ b/system/sshKeys.nix
@ -0,0 +1,5 @@
+{
+  mySSHKeys = [
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE5E4BLKTeFAeRdIMJbdi1ZcphWF3WnJAZ6FX6zbKHI3" # NixOS WSL
+  ];
+}
--- a/system/users.nix
+++ b/system/users.nix
@ -0,0 +1,30 @@
+{
+  lib,
+  config,
+  pkgs,
+  ...
+}:
+{
+  users = {
+    users = {
+      whovian = {
+        name = "whovian";
+        description = "Whovian9369";
+        shell = pkgs.zsh;
+        initialPassword = "abcde"; # I need to log in somehow
+        extraGroups = [
+          "wheel"
+            # Enable 'sudo' for the user.
+        ] ++ lib.optionals (!config.isWSL) [
+        # These are the groups for baremetal machines, or possibly VMs.
+          "networkmanager"
+            # Enable use of NetworkManager
+          "usb"
+            # This should enable access to usb devices.
+          "docker"
+            # Enable 'docker' for the user.
+        ];
+      };
+    };
+  };
+}