phundrak/nix-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: enable modules to add groups to users themselves

Browse Source
This commit is contained in:
Lucien Cartier-Tilet
2026-04-30 13:51:05 +02:00
parent 91dc8e5070
commit 8282295824
3 changed files with 53 additions and 310 deletions
Download Patch File Download Diff File Expand all files Collapse all files
flake.lock
Generated
+41 -308
View File
@@ -24,43 +24,6 @@
"type": "github"
}
},
"cachix": {
"inputs": {
"devenv": [
"jj-cz",
"devenv"
],
"flake-compat": [
"jj-cz",
"devenv",
"flake-compat"
],
"git-hooks": [
"jj-cz",
"devenv",
"git-hooks"
],
"nixpkgs": [
"jj-cz",
"devenv",
"nixpkgs"
]
},
"locked": {
"lastModified": 1760971495,
"narHash": "sha256-IwnNtbNVrlZIHh7h4Wz6VP0Furxg9Hh0ycighvL5cZc=",
"owner": "cachix",
"repo": "cachix",
"rev": "c5bfd933d1033672f51a863c47303fc0e093c2d2",
"type": "github"
},
"original": {
"owner": "cachix",
"ref": "latest",
"repo": "cachix",
"type": "github"
}
},
"caelestia-cli": {
"inputs": {
"caelestia-shell": [
@@ -72,11 +35,11 @@
]
},
"locked": {
"lastModified": 1778125502,
"narHash": "sha256-QAAO9RCR6byVJi50l8RMVJWzrsNYbXonfR6tqU93vIQ=",
"lastModified": 1779768519,
"narHash": "sha256-2n/447oNfAZrl1yncafLPgXMx5tuTF6T2B+zI/zFYkI=",
"owner": "caelestia-dots",
"repo": "cli",
"rev": "7b8a4281aa8b2b12745de531cce0c65d87aea2e5",
"rev": "64a5507e74f6c7d0c29f9131964412f8f8c4dd89",
"type": "github"
},
"original": {
@@ -94,11 +57,11 @@
"quickshell": "quickshell"
},
"locked": {
"lastModified": 1778381004,
"narHash": "sha256-JwIlrajiY74obxyTMu/Ym6wOEQaCjpHwfziPK+E5u3Q=",
"lastModified": 1780196414,
"narHash": "sha256-iXmyWULTZuRd68xRL79e9GyYL9FZ6gfh6zl1PPlWX2A=",
"owner": "caelestia-dots",
"repo": "shell",
"rev": "2ca4ad4a434e91e73504debd5225e66dc5ebb2b6",
"rev": "63bb82762bb29ac9b7fcd5b97839abae721ce860",
"type": "github"
},
"original": {
@@ -115,11 +78,11 @@
]
},
"locked": {
"lastModified": 1778198574,
"narHash": "sha256-XzgYoibIH6diZoZ2GzoGeyV2xdXAwBtXdAze+Qu2kR0=",
"lastModified": 1779822991,
"narHash": "sha256-r6e4eHEyQJEDhT6gkW3B9+OgB0pZebw2+du4bvN3vww=",
"owner": "9001",
"repo": "copyparty",
"rev": "139ef1851e5d698521a5c2078c56f951d6e54d00",
"rev": "6e75faa62349a59f4df328a4939ba8626d89ee1a",
"type": "github"
},
"original": {
@@ -128,33 +91,6 @@
"type": "github"
}
},
"devenv": {
"inputs": {
"cachix": "cachix",
"flake-compat": "flake-compat",
"flake-parts": "flake-parts",
"git-hooks": "git-hooks",
"nix": "nix",
"nixd": "nixd",
"nixpkgs": [
"jj-cz",
"nixpkgs"
]
},
"locked": {
"lastModified": 1770304289,
"narHash": "sha256-+g+XMyB1zi50h2N38GE32l7ZONX4oW7Nw6QSXzfNiwk=",
"owner": "cachix",
"repo": "devenv",
"rev": "fd777e39027d393346e4df672d51ad2bf44b2a12",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "devenv",
"type": "github"
}
},
"fenix": {
"inputs": {
"nixpkgs": [
@@ -178,59 +114,6 @@
"type": "github"
}
},
"flake-compat": {
"flake": false,
"locked": {
"lastModified": 1761588595,
"narHash": "sha256-XKUZz9zewJNUj46b4AJdiRZJAvSZ0Dqj2BNfXvFlJC4=",
"owner": "edolstra",
"repo": "flake-compat",
"rev": "f387cd2afec9419c8ee37694406ca490c3f34ee5",
"type": "github"
},
"original": {
"owner": "edolstra",
"repo": "flake-compat",
"type": "github"
}
},
"flake-parts": {
"inputs": {
"nixpkgs-lib": [
"jj-cz",
"devenv",
"nixpkgs"
]
},
"locked": {
"lastModified": 1760948891,
"narHash": "sha256-TmWcdiUUaWk8J4lpjzu4gCGxWY6/Ok7mOK4fIFfBuU4=",
"owner": "hercules-ci",
"repo": "flake-parts",
"rev": "864599284fc7c0ba6357ed89ed5e2cd5040f0c04",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "flake-parts",
"type": "github"
}
},
"flake-root": {
"locked": {
"lastModified": 1723604017,
"narHash": "sha256-rBtQ8gg+Dn4Sx/s+pvjdq3CB2wQNzx9XGFq/JVGCB6k=",
"owner": "srid",
"repo": "flake-root",
"rev": "b759a56851e10cb13f6b8e5698af7b59c44be26e",
"type": "github"
},
"original": {
"owner": "srid",
"repo": "flake-root",
"type": "github"
}
},
"flake-utils": {
"locked": {
"lastModified": 1678901627,
@@ -316,57 +199,6 @@
"type": "github"
}
},
"git-hooks": {
"inputs": {
"flake-compat": [
"jj-cz",
"devenv",
"flake-compat"
],
"gitignore": "gitignore",
"nixpkgs": [
"jj-cz",
"devenv",
"nixpkgs"
]
},
"locked": {
"lastModified": 1760663237,
"narHash": "sha256-BflA6U4AM1bzuRMR8QqzPXqh8sWVCNDzOdsxXEguJIc=",
"owner": "cachix",
"repo": "git-hooks.nix",
"rev": "ca5b894d3e3e151ffc1db040b6ce4dcc75d31c37",
"type": "github"
},
"original": {
"owner": "cachix",
"repo": "git-hooks.nix",
"type": "github"
}
},
"gitignore": {
"inputs": {
"nixpkgs": [
"jj-cz",
"devenv",
"git-hooks",
"nixpkgs"
]
},
"locked": {
"lastModified": 1709087332,
"narHash": "sha256-HG2cCnktfHsKV0s4XW83gU3F57gaTljL9KNSuG6bnQs=",
"owner": "hercules-ci",
"repo": "gitignore.nix",
"rev": "637db329424fd7e46cf4185293b9cc8c88c95394",
"type": "github"
},
"original": {
"owner": "hercules-ci",
"repo": "gitignore.nix",
"type": "github"
}
},
"home-manager": {
"inputs": {
"nixpkgs": [
@@ -374,11 +206,11 @@
]
},
"locked": {
"lastModified": 1778609305,
"narHash": "sha256-muTc+WME6k3sfTr/Pvmw8hrK7zXrbl961TEF9wPeAnk=",
"lastModified": 1780408569,
"narHash": "sha256-s7Tv6FUQThRAvW8En8XVC6HMb0uiikzVccCcCo9u/Bg=",
"owner": "nix-community",
"repo": "home-manager",
"rev": "5878fdadfe2cfe1b3383b38d66117f7b80696b68",
"rev": "f384af1bec6423a0d4ba1855917ab948f64e5808",
"type": "github"
},
"original": {
@@ -390,7 +222,6 @@
"jj-cz": {
"inputs": {
"alejandra": "alejandra",
"devenv": "devenv",
"flake-utils": "flake-utils_3",
"nixpkgs": [
"nixpkgs"
@@ -398,11 +229,11 @@
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1777830987,
"narHash": "sha256-fPsv7qZHb9EO04IoQ6cGAj+6/y1pSMEFWmvLCULOEuM=",
"lastModified": 1780002319,
"narHash": "sha256-yf0zhsBfeN7oMRPo0HtCcmPCCTPDAVmVDSw3m68gT7k=",
"ref": "develop",
"rev": "bd6892d91e1a04f9b092b22831a977f08a36cbe0",
"revCount": 40,
"rev": "c1c25e33ffcbac3a1df83ca071ca83f119577012",
"revCount": 44,
"type": "git",
"url": "https://labs.phundrak.com/phundrak/jj-cz"
},
@@ -412,52 +243,6 @@
"url": "https://labs.phundrak.com/phundrak/jj-cz"
}
},
"nix": {
"inputs": {
"flake-compat": [
"jj-cz",
"devenv",
"flake-compat"
],
"flake-parts": [
"jj-cz",
"devenv",
"flake-parts"
],
"git-hooks-nix": [
"jj-cz",
"devenv",
"git-hooks"
],
"nixpkgs": [
"jj-cz",
"devenv",
"nixpkgs"
],
"nixpkgs-23-11": [
"jj-cz",
"devenv"
],
"nixpkgs-regression": [
"jj-cz",
"devenv"
]
},
"locked": {
"lastModified": 1769708679,
"narHash": "sha256-uFKkp2/SjIqbu5HtINg/hwHN6qaqcxLIbL/om7dT3kI=",
"owner": "cachix",
"repo": "nix",
"rev": "72bec37fabbfe378d677868ec42eeb83acf07a4c",
"type": "github"
},
"original": {
"owner": "cachix",
"ref": "devenv-2.32",
"repo": "nix",
"type": "github"
}
},
"nix-index-database": {
"inputs": {
"nixpkgs": [
@@ -465,11 +250,11 @@
]
},
"locked": {
"lastModified": 1778393439,
"narHash": "sha256-mOtQxUjtKaPHLeoLOY/YEDctmud1X9KwJr4kE1MJ3Wc=",
"lastModified": 1780210899,
"narHash": "sha256-4axz3OBPTKa6LIkXV8n0lc63MQU+et2CB5DGobEAi6k=",
"owner": "nix-community",
"repo": "nix-index-database",
"rev": "01466c414c7357ae2ce32be4a272a7c69e94ab5f",
"rev": "97df9dc0b7c924344b793a15c1e8e4522ebb854e",
"type": "github"
},
"original": {
@@ -478,42 +263,13 @@
"type": "github"
}
},
"nixd": {
"inputs": {
"flake-parts": [
"jj-cz",
"devenv",
"flake-parts"
],
"flake-root": "flake-root",
"nixpkgs": [
"jj-cz",
"devenv",
"nixpkgs"
],
"treefmt-nix": "treefmt-nix"
},
"locked": {
"lastModified": 1763964548,
"narHash": "sha256-JTRoaEWvPsVIMFJWeS4G2isPo15wqXY/otsiHPN0zww=",
"owner": "nix-community",
"repo": "nixd",
"rev": "d4bf15e56540422e2acc7bc26b20b0a0934e3f5e",
"type": "github"
},
"original": {
"owner": "nix-community",
"repo": "nixd",
"type": "github"
}
},
"nixpkgs": {
"locked": {
"lastModified": 1778443072,
"narHash": "sha256-zi7/fsqM/kFdNuED//4WOCUtezGtKKqRNORjMvfwjnA=",
"lastModified": 1780243769,
"narHash": "sha256-x5UQuRsH3MqI0U9afaXSNqzTPSeZlRLvFAav2Ux1pNw=",
"owner": "nixos",
"repo": "nixpkgs",
"rev": "da5ad661ba4e5ef59ba743f0d112cbc30e474f32",
"rev": "331800de5053fcebacf6813adb5db9c9dca22a0c",
"type": "github"
},
"original": {
@@ -525,11 +281,11 @@
},
"nixpkgsStable": {
"locked": {
"lastModified": 1778430510,
"narHash": "sha256-Ti+ZBvW6yrWWAg2szExVTwCd4qOJ3KlVr1tFHfyfi8Q=",
"lastModified": 1779796641,
"narHash": "sha256-ZsIrKmhp4vbBXoXXmR/tBXA/UCsAQiJL9vsgZEduhVY=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "8fd9daa3db09ced9700431c5b7ad0e8ba199b575",
"rev": "25f538306313eae3927264466c70d7001dcea1df",
"type": "github"
},
"original": {
@@ -568,11 +324,11 @@
]
},
"locked": {
"lastModified": 1778222427,
"narHash": "sha256-6GFiP611nEJvtm+m03sMyfaVIJ9QOCi//hS+PPKyyPA=",
"lastModified": 1779430452,
"narHash": "sha256-zTslhsxLqUlRTML506iougTGzyR38Fzhzn7t4KDEuuE=",
"ref": "refs/heads/master",
"rev": "d1760ed1f31c02a95b37a9bf4084129c829ebe7f",
"revCount": 817,
"rev": "4b4fca3224ab977dc515ac0bb78d00b3dfa71e00",
"revCount": 819,
"type": "git",
"url": "https://git.outfoxxed.me/outfoxxed/quickshell"
},
@@ -651,11 +407,11 @@
]
},
"locked": {
"lastModified": 1770260791,
"narHash": "sha256-ADTBfENFjRVDQMcCycyX/pAy6NFI/Ct6Mrar3gsmXI0=",
"lastModified": 1779992051,
"narHash": "sha256-4YWGv/0NkAdtTW1MXfaLYpfC9BhpCy9k1pWkR0xI9uw=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "42ec85352e419e601775c57256a52f6d48a39906",
"rev": "e93ad0df1073b2c969a8f0c1f10b84e870469d40",
"type": "github"
},
"original": {
@@ -713,11 +469,11 @@
"systems": "systems_4"
},
"locked": {
"lastModified": 1778540809,
"narHash": "sha256-FNXls2QZTcxY0Dem3QtSewnr8vUKMDsTw9m8pLOnhTc=",
"lastModified": 1780422259,
"narHash": "sha256-dWGk4SEdI189kQW5cE4Uo1Mc+P+kQEdgMcyMgTtmQOA=",
"owner": "Gerg-L",
"repo": "spicetify-nix",
"rev": "83939d7df4c0f1b8ee88cabde112223280a48554",
"rev": "8414bbf2fcc7bc0a22c675e498e3c7365c1aec0a",
"type": "github"
},
"original": {
@@ -733,11 +489,11 @@
]
},
"locked": {
"lastModified": 1778468351,
"narHash": "sha256-A5ZdpWN5d+OmKln2EPPeMmPJaBwbugO9dEhyp3pn/X8=",
"lastModified": 1780391957,
"narHash": "sha256-dPoi/DCQYlMGk9MRNODrI0VKTyLw4VzXMgIijQqhRIo=",
"owner": "nix-community",
"repo": "srvos",
"rev": "23122d21dfbe00e072ce515e21af18882bc88fd7",
"rev": "f7378bf89f4c4c0b5e3bf18079a7366a78beba07",
"type": "github"
},
"original": {
@@ -806,29 +562,6 @@
"type": "github"
}
},
"treefmt-nix": {
"inputs": {
"nixpkgs": [
"jj-cz",
"devenv",
"nixd",
"nixpkgs"
]
},
"locked": {
"lastModified": 1734704479,
"narHash": "sha256-MMi74+WckoyEWBRcg/oaGRvXC9BVVxDZNRMpL+72wBI=",
"owner": "numtide",
"repo": "treefmt-nix",
"rev": "65712f5af67234dad91a5a4baee986a8b62dbf8f",
"type": "github"
},
"original": {
"owner": "numtide",
"repo": "treefmt-nix",
"type": "github"
}
},
"zen-browser": {
"inputs": {
"nixpkgs": [
@@ -836,11 +569,11 @@
]
},
"locked": {
"lastModified": 1778303188,
"narHash": "sha256-zXFSvK80qpI91B7DU9QSExAtafSrz6vzormh2kUi6kQ=",
"lastModified": 1779946062,
"narHash": "sha256-M/2bCPYjiBTkDNV29J/00z10RM3yYnL9X74RqAHDme0=",
"owner": "youwen5",
"repo": "zen-browser-flake",
"rev": "9346c84657a9cab472bc4ee5a2d65d42a72d5346",
"rev": "2e2c38ba20a3d614d0196e0aa44851547306e861",
"type": "github"
},
"original": {
system/dev/docker.nix
+4 -1
View File
@@ -20,6 +20,9 @@ in {
};
config = mkIf cfg.enable {
mySystem.users.phundrak = mkIf config.mySystem.users.phundrak.enable {
extraGroups = ["docker"] ++ lists.optional cfg.podman.enable "podman";
};
environment.systemPackages = with pkgs;
[
dive # A tool for exploring each layer in a docker image
@@ -29,7 +32,7 @@ in {
podman-compose
podman-desktop
];
virtualisation = mkIf cfg.enable {
virtualisation = {
docker = mkIf (!cfg.podman.enable) {
enable = true;
enableNvidia = cfg.nvidia.enable;
system/users/phundrak.nix
+8 -1
View File
@@ -10,13 +10,20 @@ in {
options.mySystem.users.phundrak = {
enable = mkEnableOption "Enables user phundrak";
trusted = mkEnableOption "Mark the user as trusted by Nix";
extraGroups = mkOption {
type = types.listOf types.str;
default = [];
example = ["feedbackd"];
};
};
config = {
users.users.phundrak = mkIf cfg.enable {
isNormalUser = true;
description = "Lucien Cartier-Tilet";
extraGroups = ["networkmanager" "wheel" "docker" "dialout" "podman" "plugdev" "games" "audio" "input" "uinput"];
extraGroups =
["networkmanager" "wheel" "dialout" "plugdev" "games" "audio" "input"]
++ cfg.extraGroups;
shell = pkgs.zsh;
openssh.authorizedKeys.keyFiles = lib.filesystem.listFilesRecursive ../../users/phundrak/keys;
};