geir/home-lab
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
home-lab/modules/users
History
Geir O. Jerstad 47c2961033 Refactor emacs configuration and clean up lab-tool project 
- Reorganized emacs configuration with profiles in modules/development/emacs.nix
- Updated machine configurations to use new emacs module structure
- Cleaned up lab-tool project by removing archive, research, testing, and utils directories
- Streamlined lab-tool to focus on core deployment functionality with deploy-rs
- Added DEVELOPMENT.md documentation for lab-tool

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-07-03 17:45:34 +02:00
..
common.nix feat: Add little-rascal laptop config and lab-tool auto-update system 2025-06-27 22:03:54 +02:00
geir.nix Refactor emacs configuration and clean up lab-tool project 2025-07-03 17:45:34 +02:00
media-group.nix Fix NFS configuration: Remove ZFS mount point conflict with tmpfiles 2025-06-11 10:12:51 +02:00
README.md feat: create modular user configurations 2025-06-04 16:56:22 +02:00
shell-aliases.nix updates for deployment tool 2025-06-15 11:01:41 +02:00
sma.nix feat: Complete deploy-rs integration with status monitoring 2025-06-15 10:51:36 +02:00

README.md

User Configurations

This directory contains modular user configurations for the home lab infrastructure.

Philosophy

Following the Culture ship naming convention and Emacs org-mode literate programming approach, user configurations are organized to be:

  • Modular: Each user has their own configuration module
  • Shared: Common settings are in common.nix
  • Character-driven: User names follow Culture character names
  • Functional: Focus on practical daily use and system administration

User Accounts

Primary Users

geir - Primary User Account

  • Role: Development, desktop use, daily computing
  • Access: Full desktop environments (GNOME, Cosmic, Sway)
  • Focus: Development tools, creative applications, multimedia
  • Groups: wheel, networkmanager, libvirt, incus-admin, podman, audio, video, render

sma - System Administrator

  • Full Name: Named after Diziet Sma (Special Circumstances agent)
  • Role: System administration, security oversight, maintenance
  • Access: SSH-only, command-line focused
  • Focus: Monitoring, containers, security, infrastructure management
  • Groups: wheel, networkmanager, libvirt, incus-admin, podman
  • Security: SSH key authentication only, passwordless sudo

Service Accounts (Future)

  • Consider adding service-specific users for:
    • forgejo-admin: Forgejo administration
    • media-admin: Jellyfin/media server management
    • backup-agent: Automated backup operations

File Structure

modules/users/
├── common.nix       # Shared user settings and packages
├── geir.nix         # Primary user configuration
├── sma.nix          # Admin user configuration
└── README.md        # This documentation

Design Principles

Security

  • SSH key-based authentication for admin users
  • Principle of least privilege
  • Separate admin and daily-use accounts
  • No root login allowed

Convenience

  • Modern CLI tools and aliases
  • Development-focused package selection
  • Shell enhancements (zsh, starship, syntax highlighting)
  • Container and virtualization integration

Consistency

  • Common aliases and environment variables
  • Shared shell configuration
  • Standardized directory permissions
  • Culture-inspired naming convention

Integration Points

With System Configuration

  • Desktop environment modules automatically enable GUI applications
  • Virtualization modules grant appropriate group memberships
  • Network modules configure user network access

With User Configs

  • Literate configurations stored in /home/geir/Home-lab/user_configs/
  • Emacs org-mode files for complex configurations
  • Automatic tangling of configuration files
  • Version control integration

With Services

  • User accounts automatically configured for enabled services
  • Container runtime access for development users
  • Monitoring and administration access for admin users

Usage Examples

Adding a New User

  1. Create new module file: modules/users/new-username.nix
  2. Choose appropriate Culture character name
  3. Define role-specific packages and groups
  4. Import in machine configuration
  5. Document in this README

Modifying User Access

  • Edit extraGroups for service access
  • Update packages for new tools
  • Modify shell aliases for workflow improvements
  • Adjust sudo rules for administrative access

Security Considerations

  • Regular audit of user accounts and permissions
  • SSH key rotation schedule
  • Monitor sudo usage and administrative actions
  • Review group memberships quarterly

Culture Character Reference

  • Diziet Sma: Pragmatic SC agent, perfect for system administration
  • Cheradenine Zakalwe: Complex SC agent, high-capability operations
  • Jernau Morat Gurgeh: Strategic game player, systematic thinking
  • Perosteck Balveda: Professional SC agent, reliable operations

Choose character names that reflect the user's role and personality within the home lab infrastructure.