move system.user to user

2026-01-12 04:39:23 +08:00 · 2024-03-19 20:12:16 +08:00
parent cf7151d65b
commit cfb7998237
12 changed files with 72 additions and 83 deletions
--- a/local/pkgs/default.nix
+++ b/local/pkgs/default.nix
@@ -73,7 +73,7 @@ inputs: rec
    openmpi-aocc = inputs.pkgs.callPackage ./vasp/openmpi-aocc { inherit aocc; gcc = gcc-pie; };
    gcc-pie = inputs.pkgs.wrapCC (inputs.pkgs.gcc.cc.overrideAttrs (prev:
      { configureFlags = prev.configureFlags ++ [ "--enable-default-pie" ];}));
-    additionalCommands = let uid = inputs.config.nixos.system.user.user.gb; in
+    additionalCommands = let uid = inputs.config.nixos.user.uid.gb; in
      ''[ "$(${inputs.pkgs.coreutils}/bin/id -u)" -eq ${builtins.toString uid} ] && exit 1'';
  };
  oneapi = inputs.pkgs.callPackage ./oneapi {};
--- a/modules/services/frp.nix
+++ b/modules/services/frp.nix
@@ -142,8 +142,8 @@ inputs:
          };
          users =
          {
-            users.frp = { uid = inputs.config.nixos.system.user.user.frp; group = "frp"; isSystemUser = true; };
-            groups.frp.gid = inputs.config.nixos.system.user.group.frp;
+            users.frp = { uid = inputs.config.nixos.user.uid.frp; group = "frp"; isSystemUser = true; };
+            groups.frp.gid = inputs.config.nixos.user.gid.frp;
          };
        }
      )
@@ -193,8 +193,8 @@ inputs:
          nixos.services.acme = { enable = true; cert.${frpServer.serverName}.group = "frp"; };
          users =
          {
-            users.frp = { uid = inputs.config.nixos.system.user.user.frp; group = "frp"; isSystemUser = true; };
-            groups.frp.gid = inputs.config.nixos.system.user.group.frp;
+            users.frp = { uid = inputs.config.nixos.user.uid.frp; group = "frp"; isSystemUser = true; };
+            groups.frp.gid = inputs.config.nixos.user.gid.frp;
          };
          networking.firewall.allowedTCPPorts = [ 7000 ];
        }
--- a/modules/services/fz-new-order/default.nix
+++ b/modules/services/fz-new-order/default.nix
@@ -16,13 +16,13 @@ inputs:
      {
        users.fz-new-order =
        {
-          uid = inputs.config.nixos.system.user.user.fz-new-order;
+          uid = inputs.config.nixos.user.uid.fz-new-order;
          group = "fz-new-order";
          home = "/var/lib/fz-new-order";
          createHome = true;
          isSystemUser = true;
        };
-        groups.fz-new-order.gid = inputs.config.nixos.system.user.group.fz-new-order;
+        groups.fz-new-order.gid = inputs.config.nixos.user.gid.fz-new-order;
      };
      systemd =
      {
--- a/modules/services/groupshare.nix
+++ b/modules/services/groupshare.nix
@@ -12,7 +12,7 @@ inputs:
      users = inputs.config.users.groups.groupshare.members;
    in mkIf groupshare.enable
    {
-      users.groups.groupshare.gid = inputs.config.nixos.system.user.group.groupshare;
+      users.groups.groupshare.gid = inputs.config.nixos.user.gid.groupshare;
      systemd.tmpfiles.rules = [ "d /var/lib/groupshare" ]
        ++ (concatLists (map
          (user:
--- a/modules/services/mirism.nix
+++ b/modules/services/mirism.nix
@@ -13,8 +13,8 @@ inputs:
    {
      users =
      {
-        users.mirism = { uid = inputs.config.nixos.system.user.user.mirism; group = "mirism"; isSystemUser = true; };
-        groups.mirism.gid = inputs.config.nixos.system.user.group.mirism;
+        users.mirism = { uid = inputs.config.nixos.user.uid.mirism; group = "mirism"; isSystemUser = true; };
+        groups.mirism.gid = inputs.config.nixos.user.gid.mirism;
      };
      systemd =
      {
--- a/modules/services/misskey.nix
+++ b/modules/services/misskey.nix
@@ -125,13 +125,13 @@ inputs:
        {
          users."misskey-${instance.name}" =
          {
-            uid = inputs.config.nixos.system.user.user."misskey-${instance.name}";
+            uid = inputs.config.nixos.user.uid."misskey-${instance.name}";
            group = "misskey-${instance.name}";
            home = "/var/lib/misskey/${instance.name}";
            createHome = true;
            isSystemUser = true;
          };
-          groups."misskey-${instance.name}".gid = inputs.config.nixos.system.user.group."misskey-${instance.name}";
+          groups."misskey-${instance.name}".gid = inputs.config.nixos.user.gid."misskey-${instance.name}";
        })
        (attrsToList misskey.instances));
      nixos.services =
--- a/modules/services/phpfpm.nix
+++ b/modules/services/phpfpm.nix
@@ -55,7 +55,7 @@ inputs:
          inherit (pool) name;
          value =
          {
-            uid = inputs.config.nixos.system.user.user.${pool.name};
+            uid = inputs.config.nixos.user.uid.${pool.name};
            group = pool.name;
            extraGroups = [ "nginx" ];
            isSystemUser = true;
@@ -63,7 +63,7 @@ inputs:
        })
        (filter (pool: pool.value.user == null) (attrsToList phpfpm.instances)));
      groups = listToAttrs (map
-        (pool: { inherit (pool) name; value.gid = inputs.config.nixos.system.user.group.${pool.name}; })
+        (pool: { inherit (pool) name; value.gid = inputs.config.nixos.user.gid.${pool.name}; })
        (filter (pool: pool.value.user == null) (attrsToList phpfpm.instances)));
    };
  };
--- a/modules/services/rsshub.nix
+++ b/modules/services/rsshub.nix
@@ -54,8 +54,8 @@ inputs:
      };
      users =
      {
-        users.rsshub = { uid = inputs.config.nixos.system.user.user.rsshub; group = "rsshub"; isSystemUser = true; };
-        groups.rsshub.gid = inputs.config.nixos.system.user.group.rsshub;
+        users.rsshub = { uid = inputs.config.nixos.user.uid.rsshub; group = "rsshub"; isSystemUser = true; };
+        groups.rsshub.gid = inputs.config.nixos.user.gid.rsshub;
      };
      nixos.services =
      {
--- a/modules/services/synapse.nix
+++ b/modules/services/synapse.nix
@@ -37,14 +37,14 @@ inputs:
        {
          users."synapse-${instance.name}" =
          {
-            uid = inputs.config.nixos.system.user.user."synapse-${instance.name}";
+            uid = inputs.config.nixos.user.uid."synapse-${instance.name}";
            group = "synapse-${instance.name}";
            home = "/var/lib/synapse/${instance.name}";
            createHome = true;
            isSystemUser = true;
            shell = "${inputs.pkgs.bash}/bin/bash";
          };
-          groups."synapse-${instance.name}".gid = inputs.config.nixos.system.user.group."synapse-${instance.name}";
+          groups."synapse-${instance.name}".gid = inputs.config.nixos.user.gid."synapse-${instance.name}";
        })
        (attrsToList synapse.instances));
      systemd = mkMerge (map
--- a/modules/services/xray.nix
+++ b/modules/services/xray.nix
@@ -294,7 +294,7 @@ inputs:
                    [ "-m set --match-set xmu_net dst -j MARK --set-mark 1/1" ]
                    ++ (map
                      (user:
-                        let uid = inputs.config.nixos.system.user.user.${user};
+                        let uid = inputs.config.nixos.user.uid.${user};
                        in "-m owner --uid-owner ${toString uid} -j DSCP --set-dscp 0x1")
                      (xray.client.xray.noproxyUsers ++ [ "v2ray" ]))  
                  ))
@@ -320,8 +320,8 @@ inputs:
        };
        users =
        {
-          users.v2ray = { uid = inputs.config.nixos.system.user.user.v2ray; group = "v2ray"; isSystemUser = true; };
-          groups.v2ray.gid = inputs.config.nixos.system.user.group.v2ray;
+          users.v2ray = { uid = inputs.config.nixos.user.uid.v2ray; group = "v2ray"; isSystemUser = true; };
+          groups.v2ray.gid = inputs.config.nixos.user.gid.v2ray;
        };
        environment.etc."resolv.conf".text = "nameserver 127.0.0.1";
      }
@@ -508,8 +508,8 @@ inputs:
        };
        users =
        {
-          users.v2ray = { uid = inputs.config.nixos.system.user.user.v2ray; group = "v2ray"; isSystemUser = true; };
-          groups.v2ray.gid = inputs.config.nixos.system.user.group.v2ray;
+          users.v2ray = { uid = inputs.config.nixos.user.uid.v2ray; group = "v2ray"; isSystemUser = true; };
+          groups.v2ray.gid = inputs.config.nixos.user.gid.v2ray;
        };
        nixos.services =
        {
--- a/modules/system/user.nix
+++ b/modules/system/user.nix
@@ -1,41 +0,0 @@
-inputs:
-{
-  options.nixos.system.user = let inherit (inputs.lib) mkOption types; in
-  {
-    user = mkOption
-    {
-      type = types.attrsOf types.ints.unsigned;
-      readOnly = true;
-      default =
-      {
-        chn = 1000;
-        xll = 1001;
-        yjq = 1002;
-        yxy = 1003;
-        zem = 1004;
-        gb = 1005;
-        test = 1006;
-        misskey-misskey = 2000;
-        misskey-misskey-old = 2001;
-        frp = 2002;
-        mirism = 2003;
-        httpapi = 2004;
-        httpua = 2005;
-        rsshub = 2006;
-        v2ray = 2007;
-        fz-new-order = 2008;
-        synapse-synapse = 2009;
-        synapse-matrix = 2010;
-      };
-    };
-    group = mkOption
-    {
-      type = types.attrsOf types.ints.unsigned;
-      readOnly = true;
-      default = inputs.config.nixos.system.user.user //
-      {
-        groupshare = 3000;
-      };
-    };
-  };
-}
--- a/modules/user/default.nix
+++ b/modules/user/default.nix
@@ -5,27 +5,57 @@ inputs:
  {
    users = mkOption { type = types.listOf types.nonEmptyStr; default = [ "chn" ]; };
    sharedModules = mkOption { type = types.listOf types.anything; default = []; };
-  };
-  config =
-    let
-      inherit (inputs.config.nixos) user;
-      inherit (builtins) map;
-      inherit (inputs.lib) mkMerge;
-    in
+    uid = mkOption
    {
-      users = mkMerge (map
-        (name:
-        {
-          users.${name} =
-          {
-            uid = inputs.config.nixos.system.user.user.${name};
-            group = name;
-            isNormalUser = true;
-          };
-          groups.${name}.gid = inputs.config.nixos.system.user.group.${name};
-        })
-        user.users);
+      type = types.attrsOf types.ints.unsigned;
+      readOnly = true;
+      default =
+      {
+        chn = 1000;
+        xll = 1001;
+        yjq = 1002;
+        yxy = 1003;
+        zem = 1004;
+        gb = 1005;
+        test = 1006;
+        misskey-misskey = 2000;
+        misskey-misskey-old = 2001;
+        frp = 2002;
+        mirism = 2003;
+        httpapi = 2004;
+        httpua = 2005;
+        rsshub = 2006;
+        v2ray = 2007;
+        fz-new-order = 2008;
+        synapse-synapse = 2009;
+        synapse-matrix = 2010;
+      };
    };
+    gid = mkOption
+    {
+      type = types.attrsOf types.ints.unsigned;
+      readOnly = true;
+      default = inputs.config.nixos.user.uid //
+      {
+        groupshare = 3000;
+      };
+    };
+  };
+  config = let inherit (inputs.config.nixos) user; in
+  {
+    users = inputs.lib.mkMerge (builtins.map
+      (name:
+      {
+        users.${name} =
+        {
+          uid = inputs.config.nixos.user.uid.${name};
+          group = name;
+          isNormalUser = true;
+        };
+        groups.${name}.gid = inputs.config.nixos.user.gid.${name};
+      })
+      user.users);
+  };
 }

 # environment.persistence."/impermanence".users.chn =