fix: resolve sma user definition conflict between modules

- Remove duplicate sma user definition from incus.nix module - The sma user is properly defined in modules/users/sma.nix with incus-admin group - This resolves the isNormalUser/isSystemUser assertion failure blocking congenital-optimist rebuild - Clean up grey-area configuration and modularize services - Update SSH keys with correct IP addresses for grey-area and reverse-proxy
2025-06-07 16:58:22 +02:00 · 2025-06-07 16:58:22 +02:00 · fa2b84cf65
commit fa2b84cf65
parent a35d9ff420
20 changed files with 540 additions and 232 deletions
--- a/modules/security/ssh-keys.nix
+++ b/modules/security/ssh-keys.nix
@ -51,11 +51,11 @@
        User geir
        IdentityFile ~/.ssh/id_ed25519_dev
        
-      Host grey-area grey-area.home 10.0.0.11
+      Host grey-area grey-area.home 10.0.0.12
        User geir
        IdentityFile ~/.ssh/id_ed25519_dev
        
-      Host reverse-proxy reverse-proxy.home 10.0.0.12
+      Host reverse-proxy reverse-proxy.home 46.226.104.98
        User geir
        IdentityFile ~/.ssh/id_ed25519_dev
        
@ -66,12 +66,12 @@
        IdentityFile ~/.ssh/id_ed25519_admin
        
      Host admin-grey grey-area.admin
-        Hostname 10.0.0.11
+        Hostname 10.0.0.12
        User sma
        IdentityFile ~/.ssh/id_ed25519_admin
        
      Host admin-reverse reverse-proxy.admin
-        Hostname 10.0.0.12
+        Hostname 46.226.104.98
        User sma
        IdentityFile ~/.ssh/id_ed25519_admin
        
--- a/modules/users/sma.nix
+++ b/modules/users/sma.nix
@ -7,6 +7,7 @@
  users.users.sma = {
    description = "Diziet Sma - System Administrator";
    isNormalUser = true;
+    group = "sma";  # Primary group
    
    # Admin privileges
    extraGroups = [
@ -126,7 +127,10 @@

  # Admin user home directory permissions
  systemd.tmpfiles.rules = [
-    "d /home/sma 0755 sma users -"
-    "d /home/sma/.ssh 0700 sma users -"
+    "d /home/sma 0755 sma sma -"
+    "d /home/sma/.ssh 0700 sma sma -"
  ];
+
+  # Create the sma group
+  users.groups.sma = {};
 }
--- a/modules/virtualization/incus.nix
+++ b/modules/virtualization/incus.nix
@ -10,10 +10,6 @@
    incus
    lxc
  ];
-  users.users.geir = {
-    extraGroups = [ 
-      "incus-admin"
-    ];
-  };
+  
  networking.firewall.allowedTCPPorts = [ 8443 ];
 }