2023-07-27 21:14:39 +08:00
|
|
|
inputs:
|
2023-09-12 16:31:20 +08:00
|
|
|
let
|
2023-09-18 05:16:38 +08:00
|
|
|
allUsers =
|
2023-09-12 16:31:20 +08:00
|
|
|
{
|
|
|
|
|
root =
|
2023-09-01 21:05:26 +08:00
|
|
|
{
|
2023-09-12 16:31:20 +08:00
|
|
|
users.users.root =
|
2023-09-01 21:05:26 +08:00
|
|
|
{
|
2023-09-12 16:31:20 +08:00
|
|
|
shell = inputs.pkgs.zsh;
|
2023-09-18 14:03:17 +08:00
|
|
|
autoSubUidGidRange = true;
|
2023-09-12 16:31:20 +08:00
|
|
|
hashedPassword = "$y$j9T$.UyKKvDnmlJaYZAh6./rf/$65dRqishAiqxCE6LEMjqruwJPZte7uiyYLVKpzdZNH5";
|
|
|
|
|
openssh.authorizedKeys.keys =
|
|
|
|
|
[
|
2023-09-18 20:25:17 +08:00
|
|
|
(builtins.concatStringsSep ""
|
|
|
|
|
[
|
|
|
|
|
"sk-ssh-ed25519@openssh.com "
|
2023-09-18 20:46:49 +08:00
|
|
|
"AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIEU/JPpLxsk8UWXiZr8CPNG+4WKFB92o1Ep9OEstmPLzAAAABHNzaDo= "
|
|
|
|
|
"chn@pc"
|
2023-09-18 20:25:17 +08:00
|
|
|
])
|
2023-09-12 16:31:20 +08:00
|
|
|
];
|
2023-09-01 21:05:26 +08:00
|
|
|
};
|
2023-09-18 05:28:02 +08:00
|
|
|
home-manager.users.root =
|
2023-09-12 16:31:20 +08:00
|
|
|
{
|
2023-09-18 05:40:04 +08:00
|
|
|
imports = inputs.config.nixos.users.sharedModules;
|
2023-09-18 05:28:02 +08:00
|
|
|
config.programs.git =
|
|
|
|
|
{
|
|
|
|
|
extraConfig.core.editor = inputs.lib.mkForce "vim";
|
|
|
|
|
userName = "chn";
|
|
|
|
|
userEmail = "chn@chn.moe";
|
|
|
|
|
};
|
2023-09-12 16:31:20 +08:00
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
chn =
|
2023-09-01 21:05:26 +08:00
|
|
|
{
|
2023-09-12 16:31:20 +08:00
|
|
|
users.users.chn =
|
|
|
|
|
{
|
|
|
|
|
isNormalUser = true;
|
|
|
|
|
extraGroups = inputs.lib.intersectLists
|
2023-09-12 22:43:38 +08:00
|
|
|
[ "adbusers" "networkmanager" "wheel" "wireshark" "libvirtd" "video" "audio" "groupshare" ]
|
2023-09-12 16:31:20 +08:00
|
|
|
(builtins.attrNames inputs.config.users.groups);
|
|
|
|
|
shell = inputs.pkgs.zsh;
|
|
|
|
|
autoSubUidGidRange = true;
|
|
|
|
|
hashedPassword = "$y$j9T$xJwVBoGENJEDSesJ0LfkU1$VEExaw7UZtFyB4VY1yirJvl7qS7oiF49KbEBrV0.hhC";
|
|
|
|
|
openssh.authorizedKeys.keys =
|
|
|
|
|
[
|
2023-09-18 20:46:49 +08:00
|
|
|
# ykman fido credentials list
|
|
|
|
|
# ykman fido credentials delete f2c1ca2d
|
|
|
|
|
# ssh-keygen -t ed25519-sk -O resident
|
|
|
|
|
# ssh-keygen -K
|
2023-09-14 18:46:03 +08:00
|
|
|
(builtins.concatStringsSep ""
|
|
|
|
|
[
|
|
|
|
|
"sk-ssh-ed25519@openssh.com "
|
2023-09-18 20:46:49 +08:00
|
|
|
"AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIEU/JPpLxsk8UWXiZr8CPNG+4WKFB92o1Ep9OEstmPLzAAAABHNzaDo= "
|
|
|
|
|
"chn@pc"
|
2023-09-14 18:46:03 +08:00
|
|
|
])
|
2023-09-12 16:31:20 +08:00
|
|
|
];
|
|
|
|
|
};
|
2023-09-18 05:28:02 +08:00
|
|
|
home-manager.users.chn =
|
2023-09-01 21:05:26 +08:00
|
|
|
{
|
2023-09-18 05:40:04 +08:00
|
|
|
imports = inputs.config.nixos.users.sharedModules;
|
2023-09-18 05:28:02 +08:00
|
|
|
config.programs =
|
2023-09-12 16:31:20 +08:00
|
|
|
{
|
2023-09-18 05:28:02 +08:00
|
|
|
git =
|
|
|
|
|
{
|
|
|
|
|
userName = "chn";
|
|
|
|
|
userEmail = "chn@chn.moe";
|
|
|
|
|
};
|
|
|
|
|
ssh.matchBlocks = builtins.listToAttrs
|
|
|
|
|
(
|
|
|
|
|
(builtins.map
|
|
|
|
|
(host:
|
|
|
|
|
{
|
|
|
|
|
name = host.name;
|
|
|
|
|
value = { host = host.name; hostname = host.value; user = "chn"; };
|
|
|
|
|
})
|
|
|
|
|
(inputs.localLib.attrsToList
|
|
|
|
|
{
|
|
|
|
|
vps3 = "vps3.chn.moe";
|
|
|
|
|
vps4 = "vps4.chn.moe";
|
|
|
|
|
vps5 = "vps5.chn.moe";
|
|
|
|
|
vps6 = "vps6.chn.moe";
|
|
|
|
|
vps7 = "vps7.chn.moe";
|
|
|
|
|
}))
|
|
|
|
|
++ (builtins.map
|
|
|
|
|
(host:
|
|
|
|
|
{
|
|
|
|
|
name = host;
|
|
|
|
|
value =
|
|
|
|
|
{
|
|
|
|
|
host = host;
|
|
|
|
|
hostname = "hpc.xmu.edu.cn";
|
|
|
|
|
user = host;
|
|
|
|
|
extraOptions = { PubkeyAcceptedAlgorithms = "+ssh-rsa"; HostkeyAlgorithms = "+ssh-rsa"; };
|
|
|
|
|
};
|
|
|
|
|
})
|
|
|
|
|
[ "wlin" "jykang" "hwang" ])
|
|
|
|
|
)
|
|
|
|
|
// {
|
|
|
|
|
xmupc1 =
|
2023-09-12 16:31:20 +08:00
|
|
|
{
|
2023-09-18 05:28:02 +08:00
|
|
|
host = "xmupc1";
|
|
|
|
|
hostname = "office.chn.moe";
|
|
|
|
|
user = "chn";
|
|
|
|
|
port = 6007;
|
|
|
|
|
};
|
|
|
|
|
nas =
|
2023-09-01 21:05:26 +08:00
|
|
|
{
|
2023-09-18 05:28:02 +08:00
|
|
|
host = "nas";
|
|
|
|
|
hostname = "office.chn.moe";
|
|
|
|
|
user = "chn";
|
|
|
|
|
port = 5440;
|
|
|
|
|
};
|
|
|
|
|
xmupc1-ext =
|
2023-09-12 16:31:20 +08:00
|
|
|
{
|
2023-09-18 05:28:02 +08:00
|
|
|
host = "xmupc1-ext";
|
|
|
|
|
hostname = "vps3.chn.moe";
|
|
|
|
|
user = "chn";
|
|
|
|
|
port = 6007;
|
|
|
|
|
};
|
|
|
|
|
xmuhk =
|
|
|
|
|
{
|
|
|
|
|
host = "xmuhk";
|
|
|
|
|
hostname = "10.26.14.56";
|
|
|
|
|
user = "xmuhk";
|
|
|
|
|
# identityFile = "~/.ssh/xmuhk_id_rsa";
|
|
|
|
|
};
|
|
|
|
|
xmuhk2 =
|
|
|
|
|
{
|
|
|
|
|
host = "xmuhk2";
|
|
|
|
|
hostname = "183.233.219.132";
|
|
|
|
|
user = "xmuhk";
|
|
|
|
|
port = 62022;
|
|
|
|
|
};
|
2023-09-12 16:31:20 +08:00
|
|
|
};
|
|
|
|
|
};
|
2023-09-01 21:05:26 +08:00
|
|
|
};
|
2023-09-13 02:12:41 +08:00
|
|
|
nixos.services.groupshare.mountPoints = [ "/home/chn/groupshare" ];
|
2023-09-12 16:31:20 +08:00
|
|
|
};
|
2023-09-12 22:43:38 +08:00
|
|
|
xll =
|
|
|
|
|
{
|
|
|
|
|
users.users.xll =
|
|
|
|
|
{
|
|
|
|
|
isNormalUser = true;
|
|
|
|
|
extraGroups = inputs.lib.intersectLists
|
2023-09-14 19:11:33 +08:00
|
|
|
[ "groupshare" "video" ]
|
2023-09-12 22:43:38 +08:00
|
|
|
(builtins.attrNames inputs.config.users.groups);
|
|
|
|
|
passwordFile = inputs.config.sops.secrets."users/xll".path;
|
2023-09-14 18:46:03 +08:00
|
|
|
openssh.authorizedKeys.keys = [ (builtins.readFile ./xll_id_rsa.pub) ];
|
2023-09-12 22:43:38 +08:00
|
|
|
shell = inputs.pkgs.zsh;
|
|
|
|
|
autoSubUidGidRange = true;
|
|
|
|
|
};
|
2023-09-18 05:40:04 +08:00
|
|
|
home-manager.users.xll.imports = inputs.config.nixos.users.sharedModules;
|
2023-09-12 22:43:38 +08:00
|
|
|
sops.secrets."users/xll".neededForUsers = true;
|
2023-09-13 02:12:41 +08:00
|
|
|
nixos.services.groupshare.mountPoints = [ "/home/xll/groupshare" ];
|
2023-09-12 22:43:38 +08:00
|
|
|
};
|
2023-09-14 19:11:33 +08:00
|
|
|
zem =
|
|
|
|
|
{
|
|
|
|
|
users.users.zem =
|
|
|
|
|
{
|
|
|
|
|
isNormalUser = true;
|
|
|
|
|
extraGroups = inputs.lib.intersectLists
|
|
|
|
|
[ "groupshare" "video" ]
|
|
|
|
|
(builtins.attrNames inputs.config.users.groups);
|
|
|
|
|
passwordFile = inputs.config.sops.secrets."users/zem".path;
|
|
|
|
|
openssh.authorizedKeys.keys = [ (builtins.readFile ./zem_id_rsa.pub) ];
|
|
|
|
|
shell = inputs.pkgs.zsh;
|
|
|
|
|
autoSubUidGidRange = true;
|
|
|
|
|
};
|
2023-09-18 05:40:04 +08:00
|
|
|
home-manager.users.zem.imports = inputs.config.nixos.users.sharedModules;
|
2023-09-14 19:11:33 +08:00
|
|
|
sops.secrets."users/zem".neededForUsers = true;
|
|
|
|
|
nixos.services.groupshare.mountPoints = [ "/home/zem/groupshare" ];
|
|
|
|
|
};
|
|
|
|
|
yjq =
|
|
|
|
|
{
|
|
|
|
|
users.users.yjq =
|
|
|
|
|
{
|
|
|
|
|
isNormalUser = true;
|
|
|
|
|
extraGroups = inputs.lib.intersectLists
|
|
|
|
|
[ "groupshare" "video" ]
|
|
|
|
|
(builtins.attrNames inputs.config.users.groups);
|
|
|
|
|
passwordFile = inputs.config.sops.secrets."users/yjq".path;
|
|
|
|
|
openssh.authorizedKeys.keys = [ (builtins.readFile ./yjq_id_rsa.pub) ];
|
|
|
|
|
shell = inputs.pkgs.zsh;
|
|
|
|
|
autoSubUidGidRange = true;
|
|
|
|
|
};
|
2023-09-18 05:40:04 +08:00
|
|
|
home-manager.users.yjq.imports = inputs.config.nixos.users.sharedModules;
|
2023-09-14 19:11:33 +08:00
|
|
|
sops.secrets."users/yjq".neededForUsers = true;
|
|
|
|
|
nixos.services.groupshare.mountPoints = [ "/home/yjq/groupshare" ];
|
|
|
|
|
};
|
|
|
|
|
yxy =
|
|
|
|
|
{
|
|
|
|
|
users.users.yxy =
|
|
|
|
|
{
|
|
|
|
|
isNormalUser = true;
|
|
|
|
|
extraGroups = inputs.lib.intersectLists
|
|
|
|
|
[ "groupshare" "video" ]
|
|
|
|
|
(builtins.attrNames inputs.config.users.groups);
|
|
|
|
|
passwordFile = inputs.config.sops.secrets."users/yxy".path;
|
|
|
|
|
shell = inputs.pkgs.zsh;
|
|
|
|
|
autoSubUidGidRange = true;
|
|
|
|
|
};
|
2023-09-18 05:40:04 +08:00
|
|
|
home-manager.users.yxy.imports = inputs.config.nixos.users.sharedModules;
|
2023-09-14 19:11:33 +08:00
|
|
|
sops.secrets."users/yxy".neededForUsers = true;
|
|
|
|
|
nixos.services.groupshare.mountPoints = [ "/home/yxy/groupshare" ];
|
|
|
|
|
};
|
2023-09-12 16:31:20 +08:00
|
|
|
};
|
|
|
|
|
in
|
|
|
|
|
{
|
2023-09-18 05:16:38 +08:00
|
|
|
options.nixos.users = let inherit (inputs.lib) mkOption types; in
|
|
|
|
|
{
|
|
|
|
|
users = mkOption { type = types.listOf (types.enum (builtins.attrNames allUsers)); default = [ "root" "chn" ]; };
|
2023-09-18 05:40:04 +08:00
|
|
|
sharedModules = mkOption { type = types.listOf types.anything; default = []; };
|
2023-09-18 05:16:38 +08:00
|
|
|
};
|
|
|
|
|
config =
|
|
|
|
|
let
|
|
|
|
|
inherit (builtins) map attrNames;
|
|
|
|
|
inherit (inputs.lib) mkMerge mkIf;
|
|
|
|
|
inherit (inputs.config.nixos) users;
|
|
|
|
|
in mkMerge
|
|
|
|
|
[
|
|
|
|
|
(mkMerge (map (user: mkIf (builtins.elem user users.users) allUsers.${user}) (attrNames allUsers)))
|
|
|
|
|
];
|
2023-09-12 16:31:20 +08:00
|
|
|
}
|
2023-07-27 21:14:39 +08:00
|
|
|
|
|
|
|
|
# environment.persistence."/impermanence".users.chn =
|
|
|
|
|
# {
|
2023-09-01 21:05:26 +08:00
|
|
|
# directories =
|
|
|
|
|
# [
|
|
|
|
|
# "Desktop"
|
|
|
|
|
# "Documents"
|
|
|
|
|
# "Downloads"
|
|
|
|
|
# "Music"
|
|
|
|
|
# "repo"
|
|
|
|
|
# "Pictures"
|
|
|
|
|
# "Videos"
|
2023-07-27 21:14:39 +08:00
|
|
|
|
2023-09-01 21:05:26 +08:00
|
|
|
# ".cache"
|
|
|
|
|
# ".config"
|
|
|
|
|
# ".gnupg"
|
|
|
|
|
# ".local"
|
|
|
|
|
# ".ssh"
|
|
|
|
|
# ".android"
|
|
|
|
|
# ".exa"
|
|
|
|
|
# ".gnome"
|
|
|
|
|
# ".Mathematica"
|
|
|
|
|
# ".mozilla"
|
|
|
|
|
# ".pki"
|
|
|
|
|
# ".steam"
|
|
|
|
|
# ".tcc"
|
|
|
|
|
# ".vim"
|
|
|
|
|
# ".vscode"
|
|
|
|
|
# ".Wolfram"
|
|
|
|
|
# ".zotero"
|
2023-07-27 21:14:39 +08:00
|
|
|
|
2023-09-01 21:05:26 +08:00
|
|
|
# ];
|
|
|
|
|
# files =
|
|
|
|
|
# [
|
|
|
|
|
# ".bash_history"
|
|
|
|
|
# ".cling_history"
|
|
|
|
|
# ".gitconfig"
|
|
|
|
|
# ".gtkrc-2.0"
|
|
|
|
|
# ".root_hist"
|
|
|
|
|
# ".viminfo"
|
|
|
|
|
# ".zsh_history"
|
|
|
|
|
# ];
|
2023-09-18 19:08:04 +08:00
|
|
|
# };
|
