-rw-r--r--krebs/3modules/default.nix15
-rw-r--r--krebs/3modules/git.nix6
-rw-r--r--krebs/3modules/lib.nix2
-rw-r--r--krebs/4lib/default.nix7
-rw-r--r--krebs/4lib/types.nix11
5 files changed, 24 insertions, 17 deletions
diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index 7a343d333..aeeabfe53 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -104,11 +104,16 @@ let
retiolum = "hosts";
};
- krebs.users.root = {
- home = "/root";
- name = "root";
- pubkey = config.krebs.build.host.ssh.pubkey;
- uid = 0;
+ krebs.users = {
+ krebs = {
+ home = "/krebs";
+ mail = "spam@krebsco.de";
+ };
+ root = {
+ home = "/root";
+ pubkey = config.krebs.build.host.ssh.pubkey;
+ uid = 0;
+ };
};
networking.extraHosts = concatStringsSep "\n" (flatten (
diff --git a/krebs/3modules/git.nix b/krebs/3modules/git.nix
index a9542718d..0cc2f11c9 100644
--- a/krebs/3modules/git.nix
+++ b/krebs/3modules/git.nix
@@ -232,13 +232,15 @@ let
]) (filter (rule: rule.perm.allow-receive-ref != null) cfg.rules));
};
- users.extraUsers = singleton rec {
+ # TODO cfg.user
+ users.users.git = rec {
description = "Git repository hosting user";
name = "git";
shell = "/bin/sh";
openssh.authorizedKeys.keys =
mapAttrsToList (_: makeAuthorizedKey git-ssh-command)
- config.krebs.users;
+ (filterAttrs (_: user: isString user.pubkey)
+ config.krebs.users);
uid = genid name;
};
};
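Review bot: The new `filterAttrs (_: user: isString user.pubkey)` guard accepts any string, so a user declared with `pubkey = ""` would still be passed to `makeAuthorizedKey`. Depending on how that helper builds the line (it is not visible here), the result could be a malformed authorized_keys entry for the `git` account. Consider tightening the predicate to `(_: user: user.pubkey != null && user.pubkey != "")`. A comment above the filter would also help, for example `# users without a pubkey (e.g. krebs) get no SSH access to the git user`. The enclosing `let` binding starts outside the hunk.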
diff --git a/krebs/3modules/lib.nix b/krebs/3modules/lib.nix
index b19f275b5..ccd6a6afa 100644
--- a/krebs/3modules/lib.nix
+++ b/krebs/3modules/lib.nix
@@ -10,6 +10,6 @@ let
type = types.attrs;
};
imp = {
- krebs.lib = lib // import ../4lib { inherit lib; } // builtins;
+ krebs.lib = lib // import ../4lib { inherit config lib; } // builtins;
};
in out
diff --git a/krebs/4lib/default.nix b/krebs/4lib/default.nix
index 8e5cab71f..e23e42b19 100644
--- a/krebs/4lib/default.nix
+++ b/krebs/4lib/default.nix
@@ -1,4 +1,4 @@
-{ lib, ... }:
+{ config, lib, ... }:
with builtins;
with lib;
@@ -15,7 +15,10 @@ let out = rec {
addNames = mapAttrs addName;
- types = import ./types.nix { lib = lib // { inherit genid; }; };
+ types = import ./types.nix {
+ inherit config;
+ lib = lib // { inherit genid; };
+ };
dir.has-default-nix = path: pathExists (path + "/default.nix");
diff --git a/krebs/4lib/types.nix b/krebs/4lib/types.nix
index 7792b31d5..fcb6ff3d3 100644
--- a/krebs/4lib/types.nix
+++ b/krebs/4lib/types.nix
@@ -1,4 +1,4 @@
-{ lib, ... }:
+{ config, lib, ... }:
with builtins;
with lib;
@@ -22,11 +22,7 @@ types // rec {
owner = mkOption {
type = user;
- # TODO proper user
- default = {
- name = "krebs";
- mail = "spam@krebsco.de";
- };
+ default = config.krebs.users.krebs;
};
extraZones = mkOption {
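Review bot: The `owner` default now reads `config.krebs.users.krebs`, so whenever the default is used this type depends on that user being defined, and in this commit it is only declared in `krebs/3modules/default.nix`. If that module is not imported, evaluation would presumably fail with a missing-attribute error far from the cause. Adding `defaultText = "config.krebs.users.krebs";` next to the default would let option documentation render without evaluating config. A short comment naming the module that defines the user would replace the removed TODO. The option set continues outside the hunk.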
@@ -183,7 +179,8 @@ types // rec {
default = config._module.args.name;
};
pubkey = mkOption {
- type = str;
+ type = nullOr str;
+ default = null;
};
uid = mkOption {
type = int;
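Review bot: Making `pubkey` a `nullOr str` with `default = null` changes the contract for every reader of `user.pubkey`, but only `git.nix` is adapted in this commit. Any other consumer that interpolates the value (none are visible here) would now need its own null check or fail at evaluation. It is worth checking the remaining `.pubkey` uses. Adding `description = "SSH public key, or null if the user has no key.";` would document the null case. The `uid` option that follows is cut off at the end of the hunk.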