64 lines
1.4 KiB
Nix
64 lines
1.4 KiB
Nix
{ pkgs, ... }:
|
|
let
|
|
systemUsers = {
|
|
gitea = {
|
|
uid = 2001;
|
|
extraGroups = [ "git" ];
|
|
};
|
|
# timetagger = 2002;
|
|
pocket-id = 2003;
|
|
bookstack = 2004;
|
|
mariadb = 2005;
|
|
focalboard = 2006;
|
|
offen = 2007;
|
|
public-html = {
|
|
uid = 2008;
|
|
shell = pkgs.zsh;
|
|
authorizedKeys = [
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKPiqbLAXpBkjXnHLvz3VCd5i+VmYdd9dAcRt+8E1OQX drew@vega"
|
|
];
|
|
home = "/tank/web";
|
|
packages = [ pkgs.git ];
|
|
};
|
|
immich = 2009;
|
|
};
|
|
|
|
mkUser = name: value: {
|
|
uid = value.uid or value;
|
|
isSystemUser = true; # only affects UID allocation, but required
|
|
description = "System User for ${name}";
|
|
group = "${name}";
|
|
shell = value.shell or null;
|
|
extraGroups = value.extraGroups or [ ];
|
|
openssh.authorizedKeys.keys = value.authorizedKeys or [ ];
|
|
home = value.home or "/var/empty";
|
|
packages = value.packages or [ ];
|
|
};
|
|
mkGroup =
|
|
name: value:
|
|
let
|
|
# 1. Value if int
|
|
# 2. "gid" if present
|
|
# 3. "uid"
|
|
gid =
|
|
if builtins.isInt value then
|
|
value
|
|
else if builtins.hasAttr "gid" value then
|
|
value.gid
|
|
else
|
|
value.uid;
|
|
in
|
|
{
|
|
inherit gid;
|
|
};
|
|
in
|
|
{
|
|
users.users = builtins.mapAttrs mkUser systemUsers;
|
|
users.groups = (builtins.mapAttrs mkGroup systemUsers) // {
|
|
# Legacy groups.
|
|
git = {
|
|
gid = 992;
|
|
};
|
|
};
|
|
}
|