home-lab/modules/users/common.nix
Geir Okkenhaug Jerstad ec9efc5ca1
feat: create modular user configurations
∙
∙ User Accounts:
∙  geir - Primary user (development, desktop, multimedia)
∙  sma - Admin user (Diziet Sma, system administration)
∙  common.nix - Shared user settings and security
∙
∙ Key Features:
∙ 🔧 Culture character naming (sma = Diziet Sma, SC agent)
∙ 🔒 Security-focused admin account (SSH keys only, passwordless sudo)
∙ 🛠️ Development-focused primary user (containers, virtualization, creative tools)
∙ 📦 Modern CLI tools and shell enhancements
∙ 🎯 Role-based package selection and group memberships
∙
∙ Security Model:
∙ - SSH key authentication for admin users
∙ - Separate admin and daily-use accounts
∙ - Principle of least privilege
∙ - No root login allowed
∙
∙ Integration:
∙ - Container runtime access (podman, incus)
∙ - Virtualization management (libvirt, virt-manager)
∙ - Development workflow (git, editors, languages)
∙ - Desktop environments (GNOME, Cosmic, Sway)
∙
∙ Ready for machine-specific deployment across home lab infrastructure.
2025-06-04 16:56:22 +02:00


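# Common User Configuration
#
# NixOS module with settings shared by every host that imports it:
# login shell and aliases, a baseline package set, sudo/polkit policy,
# the SSH daemon, printing, audio and XDG portals.
{ config, pkgs, ... }:
{
  # Common user settings
  users = {
    # Mutable users: accounts, passwords and group memberships changed at
    # runtime (passwd, useradd, ...) persist across rebuilds, so the Nix
    # configuration is not the only source of truth for who can log in.
    # Set this to false if accounts must be fully declarative.
    mutableUsers = true;

    # Default shell for all users
    defaultUserShell = pkgs.zsh;
  };

  # Enable zsh system-wide
  programs.zsh = {
    enable = true;
    autosuggestions.enable = true;
    syntaxHighlighting.enable = true;

    # Common aliases for all users
    shellAliases = {
      # Modern CLI tool replacements
      "ls" = "eza --color=auto --group-directories-first";
      "ll" = "eza -l --color=auto --group-directories-first";
      "la" = "eza -la --color=auto --group-directories-first";
      "tree" = "eza --tree";

      # Git shortcuts
      "gs" = "git status";
      "ga" = "git add";
      "gc" = "git commit";
      "gp" = "git push";
      "gl" = "git log --oneline -10";

      # System shortcuts
      # rg and fd skip hidden files and anything matched by ignore files by
      # default, so a search typed as `grep`/`find` can silently miss files
      # that the real tools would have reported. Use `command grep` /
      # `command find` when a complete search matters (log review, audits).
      "grep" = "rg";
      "find" = "fd";
      "cat" = "bat";
      "top" = "btop";

      # Network
      "ping" = "ping -c 5";
      # Asks a third-party service for the public address.
      "myip" = "curl -s ifconfig.me";

      # Safety: prompt before overwriting or deleting
      "rm" = "rm -i";
      "mv" = "mv -i";
      "cp" = "cp -i";
    };
  };

  # Common environment variables.
  # Declared under environment.sessionVariables because the NixOS
  # programs.zsh module has no sessionVariables option (that name belongs
  # to Home Manager's zsh module), so the previous placement would not
  # evaluate in a system configuration.
  environment.sessionVariables = {
    EDITOR = "emacs";
    BROWSER = "firefox";
    TERMINAL = "alacritty";
  };

  # Common packages for all users
  environment.systemPackages = with pkgs; [
    # Essential CLI tools (already configured in base.nix)
    # Adding user-specific tools here

    # Communication
    firefox
    thunderbird

    # Productivity
    libreoffice

    # Development (basic)
    git
    curl
    wget

    # Media
    vlc

    # Utilities
    file
    unzip
    zip
  ];

  # Common security settings
  security = {
    # Members of wheel must enter their password for sudo. This option
    # covers the whole wheel group, not individual users: an exception for
    # one account needs its own sudo rule (security.sudo.extraRules), and
    # a module that flips this option to false removes the prompt for
    # every wheel member.
    sudo.wheelNeedsPassword = true;

    # Polkit for desktop users
    polkit.enable = true;
  };

  # Common services
  services = {
    # Enable SSH for remote management
    openssh = {
      enable = true;
      settings = {
        # Public-key authentication only. Both switches are needed:
        # NixOS leaves keyboard-interactive authentication enabled unless
        # told otherwise, and that method can still accept a password
        # through PAM even when PasswordAuthentication is off.
        PasswordAuthentication = false;
        KbdInteractiveAuthentication = false;

        PermitRootLogin = "no"; # No root login

        # For GUI applications over SSH. This applies to every host that
        # imports this module; sshd_config(5) advises enabling X11
        # forwarding with caution, so hosts that never run remote GUI
        # programs may prefer to turn it off in their own configuration.
        X11Forwarding = true;
      };
    };

    # Enable CUPS for printing.
    # NOTE(review): this starts a print daemon on every importing host;
    # confirm that headless machines are meant to run it.
    printing.enable = true;

    # Enable sound
    pipewire = {
      enable = true;
      alsa.enable = true;
      pulse.enable = true;
    };
  };

  # XDG portal for desktop integration
  xdg.portal = {
    enable = true;
    extraPortals = with pkgs; [
      xdg-desktop-portal-gtk
      xdg-desktop-portal-gnome
    ];
  };
}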