From fa6ed5655a735997df3eabc43d1b7f9956ab3840 Mon Sep 17 00:00:00 2001 From: Lucien Cartier-Tilet Date: Thu, 30 Apr 2026 13:51:05 +0200 Subject: [PATCH] refactor: enable modules to add groups to users themselves --- system/dev/docker.nix | 5 ++++- system/users/phundrak.nix | 9 ++++++++- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/system/dev/docker.nix b/system/dev/docker.nix index 5d35adf..785ef60 100644 --- a/system/dev/docker.nix +++ b/system/dev/docker.nix @@ -20,6 +20,9 @@ in { }; config = mkIf cfg.enable { + mySystem.users.phundrak = mkIf cfg.mySystem.users.phundrak.enable { + extraGroups = ["docker"] ++ lists.optional cfg.podman.enable "podman"; + }; environment.systemPackages = with pkgs; [ dive # A tool for exploring each layer in a docker image @@ -29,7 +32,7 @@ in { podman-compose podman-desktop ]; - virtualisation = mkIf cfg.enable { + virtualisation = { docker = mkIf (!cfg.podman.enable) { enable = true; enableNvidia = cfg.nvidia.enable; diff --git a/system/users/phundrak.nix b/system/users/phundrak.nix index 1be0f40..ccdd76d 100644 --- a/system/users/phundrak.nix +++ b/system/users/phundrak.nix @@ -10,13 +10,20 @@ in { options.mySystem.users.phundrak = { enable = mkEnableOption "Enables user phundrak"; trusted = mkEnableOption "Mark the user as trusted by Nix"; + extraGroups = mkOption { + type = types.listOf types.str; + default = []; + example = ["feedbackd"]; + }; }; config = { users.users.phundrak = mkIf cfg.enable { isNormalUser = true; description = "Lucien Cartier-Tilet"; - extraGroups = ["networkmanager" "wheel" "docker" "dialout" "podman" "plugdev" "games" "audio" "input" "uinput"]; + extraGroups = + ["networkmanager" "wheel" "dialout" "plugdev" "games" "audio" "input"] + ++ cfg.extraGroups; shell = pkgs.zsh; openssh.authorizedKeys.keyFiles = lib.filesystem.listFilesRecursive ../../users/phundrak/keys; };