Various changes to config, see notes under the fold.

- Adds `mySSHKeys` via `inherit` from `system/sshKeys.nix` for easier setting of allowed SSH keys
  - Especially useful for self-built `x86_64-linux` NixOS ISO.
- Swap where user groups are set to `system/users.nix`
- Add `myOptions.isWSL` to identify if an environment is used in WSL or not.
  - Used for setting user groups between WSL and bare-metal.
  - Requires adding `myOptions` as module to WSL systems?
    - Need to investiage if this properly works on bare-metal machines
      - So likely needs tested in VM?
- Added `myOptions.isWSL` option to `nixos-wsl` for group setting reasons, see above.
- Fleshed out `nixosConfigurations.isoimage-pc` to make keep some tools handy for live environment.
  - Plus, gave ssh key access to `root` user on ISO.
  - Need to double check if `nixos` user needs keys too.
    - Is that user still even generated with current config? Need to test.
- Added `unnix_script` to `home-manager` environment's `home.packages`, so I can remove Nix Store paths from text input easily for ease of comparing against other builds.
This commit is contained in:
Whovian NTSN 2024-06-09 05:05:25 -04:00
parent 1a6da08c20
commit d9046b8321
7 changed files with 141 additions and 11 deletions

View file

@ -91,11 +91,13 @@
# Am I going to use "configuration.nix" in this next config?
# Am I going to put it all into the flake itself?
# Am I going to do something else?
./system/chimchar/users.nix
./system/dotnet_os_codename-workaround.nix
# Source of this fix file is
# https://github.com/nazarewk-iac/nix-configs/blob/main/modules/ascii-workaround.nix
./system/nix_lix.nix
# Enable Nix fork "Lix" instead of default "Nix" version from
# upstream
./system/users.nix
lix-module.nixosModules.default
home-manager.nixosModules.home-manager
{

View file

@ -87,23 +87,48 @@
system = "x86_64-linux";
config.allowUnfree = true;
};
inherit (import ./system/sshKeys.nix) mySSHKeys;
# inherit (import ./system/groups.nix) myWslGroups myHardwareGroups;
myOptions = { lib, ... }: {
options = {
isWSL = lib.mkOption {
default = false;
type = lib.types.bool;
};
};
};
in
{
nixosConfigurations = {
nixos-wsl = nixpkgs.lib.nixosSystem {
system = "x86_64-linux";
modules = [
myOptions
./system/nixos-wsl/configuration.nix
./system/dotnet_os_codename-workaround.nix
# Source of this fix file is
# https://github.com/nazarewk-iac/nix-configs/blob/main/modules/ascii-workaround.nix
./system/nix_lix.nix
./system/users.nix
nixos-wsl.nixosModules.wsl
lix-module.nixosModules.default
home-manager.nixosModules.home-manager
{
system.configurationRevision = self.shortRev or self.dirtyShortRev or "dirty";
isWSL = true;
users.users.whovian = {
# extraGroups = myWslGroups;
# See above "let" expression
# and/or look at "system/groups.nix"
openssh.authorizedKeys.keys = mySSHKeys;
};
home-manager = {
useGlobalPkgs = true;
useUserPackages = true;
@ -134,26 +159,65 @@
];
};
isoimage = nixpkgs.lib.nixosSystem {
isoimage-pc = nixpkgs.lib.nixosSystem {
# How to build:
# $ nix build .#nixosConfigurations.isoimage-pc.config.system.build.isoImage
# TODO: Add to "packages.x86_64-linux" later?
# "packages.x86_64-linux.isoimage-pc = self.<iso_entry>"
system = "x86_64-linux";
modules = [
# ./configuration.nix
"${nixpkgs}/nixos/modules/installer/cd-dvd/installation-cd-graphical-gnome.nix"
{
nix = {
extraOptions = "
environment.systemPackages = [
pkgs._7zz
pkgs.bat
pkgs.dhex
pkgs.fd
pkgs.file
pkgs.git
pkgs.lynx
pkgs.ncdu
pkgs.progress
pkgs.ripgrep
pkgs.sshfs
pkgs.wget
pkgs.xxd
pkgs.yq
xil.packages.x86_64-linux.xil
];
nix.extraOptions = ''
experimental-features = nix-command flakes
";
};
'';
programs = {
nano.enable = true;
screen.enable = true;
zsh = {
enable = true;
# Honestly unsure if I should be using `programs.zsh.envExtra` or
# `programs.zsh.localVariables` here.
/*
localVariables = {
DISABLE_MAGIC_FUNCTIONS = true;
};
*/
ohMyZsh = {
enable = true;
theme = "bira";
};
};
};
users = {
defaultUserShell = pkgs.zsh;
users.root = {
shell = pkgs.zsh;
openssh.authorizedKeys.keys = mySSHKeys;
# Check if needed for "nixos" ISO user.
};
};
}
"${nixpkgs}/nixos/modules/installer/cd-dvd/installation-cd-graphical-gnome.nix"
];
};

View file

@ -22,9 +22,14 @@ let
patches = [ ./packages/new_rclone/patches/rclone_8ffe3e462cbf5688c37c54009db09d8dcb486860.diff ];
}
);
unnix_script = pkgs.writeShellApplication {
name = "unnix";
/* runtimeInputs = [ sed ]; */
text = '' sed -r 's@/nix/store/[0-9a-z]{32}-@/<<NIX>>/@g' '';
# Quick command to remove Nix Store paths from output. Original source:
# https://trofi.github.io/posts/247-NixOS-22.05-release.html
};
};
in
{
programs = {
@ -126,6 +131,7 @@ in
my_packages.sabretools
my_packages.new_rclone
my_packages.rom-properties
my_packages.unnix_script
# my_packages.hactoolnet-bin
agenix.packages.${system}.default

23
system/groups.nix Normal file
View file

@ -0,0 +1,23 @@
{
myWslGroups = [
"wheel"
# Enable 'sudo' for the user.
];
myHardwareGroups = [
"wheel"
# Enable 'sudo' for the user.
"networkmanager"
# Enable use of NetworkManager
"usb"
# This should enable access to usb devices.
"docker"
# Enable 'docker' for the user.
];
users.groups = {
usb = {
# Placeholder to create group.
};
};
}

View file

@ -9,7 +9,7 @@
{
imports = [
./packages.nix
./users.nix
# ./users.nix
./wsl.nix
];

5
system/sshKeys.nix Normal file
View file

@ -0,0 +1,5 @@
{
mySSHKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE5E4BLKTeFAeRdIMJbdi1ZcphWF3WnJAZ6FX6zbKHI3" # NixOS WSL
];
}

30
system/users.nix Normal file
View file

@ -0,0 +1,30 @@
{
lib,
config,
pkgs,
...
}:
{
users = {
users = {
whovian = {
name = "whovian";
description = "Whovian9369";
shell = pkgs.zsh;
initialPassword = "abcde"; # I need to log in somehow
extraGroups = [
"wheel"
# Enable 'sudo' for the user.
] ++ lib.optionals (!config.isWSL) [
# These are the groups for baremetal machines, or possibly VMs.
"networkmanager"
# Enable use of NetworkManager
"usb"
# This should enable access to usb devices.
"docker"
# Enable 'docker' for the user.
];
};
};
};
}