about summary refs log tree commit diff
path: root/users
diff options
context:
space:
mode:
authorsterni <sternenseemann@systemli.org>2023-11-24T15·55+0100
committersterni <sternenseemann@systemli.org>2023-11-25T22·55+0000
commit897ee4ad26113cd386789f336038d6601aa6d7cb (patch)
tree33ba8061d0af403aab49ef3760cd4219a58f70c1 /users
parent5161c3c072616fb6b634f30fa8d9490b260d8da1 (diff)
refactor(sterni/edwin): move generic settings into module r/7067
These settings would also be applied to a machine that'd replace edwin,
so it's useful to have them outside edwin's default.nix.

Change-Id: I4e8f464118a103645e53909a87c6ee4446022fa3
Reviewed-on: https://cl.tvl.fyi/c/depot/+/10125
Reviewed-by: sterni <sternenseemann@systemli.org>
Autosubmit: sterni <sternenseemann@systemli.org>
Tested-by: BuildkiteCI
Diffstat (limited to 'users')
-rw-r--r--users/sterni/machines/edwin/default.nix66
-rw-r--r--users/sterni/modules/common.nix79
2 files changed, 81 insertions, 64 deletions
diff --git a/users/sterni/machines/edwin/default.nix b/users/sterni/machines/edwin/default.nix
index c1b267526e5b..0204cc463ea1 100644
--- a/users/sterni/machines/edwin/default.nix
+++ b/users/sterni/machines/edwin/default.nix
@@ -4,6 +4,8 @@
   imports = [
     # Third party modules we use
     "${depot.third_party.agenix.src}/modules/age.nix"
+    # Basic settings
+    ../../modules/common.nix
     # These modules touch things related to booting (filesystems, initrd network…)
     ./hardware.nix
     ./network.nix
@@ -18,70 +20,6 @@
   ];
 
   config = {
-    time.timeZone = "Europe/Berlin";
-
-    nix = {
-      package = pkgs.nix_2_3;
-      settings = {
-        trusted-public-keys = lib.mkAfter [
-          "headcounter.org:/7YANMvnQnyvcVB6rgFTdb8p5LG1OTXaO+21CaOSBzg="
-        ];
-        substituters = lib.mkAfter [
-          "https://hydra.build"
-        ];
-      };
-    };
-    tvl.cache.enable = true;
-
-    services = {
-      journald.extraConfig = ''
-        SystemMaxUse=1024M
-      '';
-
-      openssh.enable = true;
-    };
-
-    security.acme = {
-      defaults.email = builtins.getAttr "email" (
-        builtins.head (
-          builtins.filter (attrs: attrs.username == "sterni") depot.ops.users
-        )
-      );
-      acceptTerms = true;
-    };
-
-    programs = {
-      fish.enable = true;
-      mosh.enable = true;
-      tmux.enable = true;
-    };
-
-    environment.systemPackages = [
-      pkgs.weechat
-      pkgs.wget
-      pkgs.git
-      pkgs.stow
-      pkgs.htop
-      pkgs.foot.terminfo
-      pkgs.vim
-    ];
-
-    users = {
-      users = {
-        root.openssh.authorizedKeys.keys = depot.users.sterni.keys.all;
-        lukas = {
-          isNormalUser = true;
-          extraGroups = [ "wheel" "http" "git" ];
-          openssh.authorizedKeys.keys = depot.users.sterni.keys.all;
-          shell = "${pkgs.fish}/bin/fish";
-        };
-      };
-    };
-
-    nix.settings.trusted-users = [
-      "lukas"
-    ];
-
     system.stateVersion = "20.09";
   };
 }
diff --git a/users/sterni/modules/common.nix b/users/sterni/modules/common.nix
new file mode 100644
index 000000000000..db5b264e6694
--- /dev/null
+++ b/users/sterni/modules/common.nix
@@ -0,0 +1,79 @@
+# This module is common in the weakest sense, i.e. contains common settings to
+# all my machines contained in depot—as opposed to common to all my potential
+# machines. Consequently, this module is currently very server-centric.
+{ pkgs, lib, depot, config, ... }:
+
+let
+  me = "lukas";
+in
+
+{
+  config = {
+
+    # More common
+
+    time.timeZone = "Europe/Berlin";
+
+    nix = {
+      package = pkgs.nix_2_3;
+      settings = {
+        trusted-public-keys = lib.mkAfter [
+          "headcounter.org:/7YANMvnQnyvcVB6rgFTdb8p5LG1OTXaO+21CaOSBzg="
+        ];
+        substituters = lib.mkAfter [
+          "https://hydra.build"
+        ];
+        trusted-users = [ me ];
+      };
+    };
+    tvl.cache.enable = true;
+
+    programs.fish.enable = true;
+
+    users = {
+      users = {
+        root.openssh.authorizedKeys.keys = depot.users.sterni.keys.all;
+        ${me} = {
+          isNormalUser = true;
+          extraGroups = [ "wheel" "http" "git" ];
+          openssh.authorizedKeys.keys = depot.users.sterni.keys.all;
+          shell = pkgs.fish;
+        };
+      };
+    };
+
+    # Less common
+
+    services = {
+      journald.extraConfig = ''
+        SystemMaxUse=1024M
+      '';
+
+      openssh.enable = true;
+    };
+
+    programs = {
+      mosh.enable = true;
+      tmux.enable = true;
+    };
+
+    environment.systemPackages = [
+      pkgs.weechat
+      pkgs.wget
+      pkgs.git
+      pkgs.stow
+      pkgs.htop
+      pkgs.foot.terminfo
+      pkgs.vim
+    ];
+
+    security.acme = {
+      defaults.email = builtins.getAttr "email" (
+        builtins.head (
+          builtins.filter (attrs: attrs.username == "sterni") depot.ops.users
+        )
+      );
+      acceptTerms = true;
+    };
+  };
+}