authorAlejandro Soto <alejandro@34project.org>2023-01-10 19:22:41 -0600
committerAlejandro Soto <alejandro@34project.org>2023-01-10 21:21:16 -0600
commit907f1e97d35614f7051cd045b8b976cb83896b13 (patch)
tree92ba0d638688306c55a9610bd18f803f262f8d52
parent9b228ca52b1e6fc9b0e2071dd376ecdb42acf155 (diff)
env/users: add virtual user support
Diffstat (limited to '')
-rw-r--r--env/users/default.nix124
-rw-r--r--env/users/virtual.nix1
2 files changed, 96 insertions, 29 deletions
diff --git a/env/users/default.nix b/env/users/default.nix
index 2eaf891..f3be85a 100644
--- a/env/users/default.nix
+++ b/env/users/default.nix
@@ -1,44 +1,110 @@
-{ lib, ... }:
-with lib; {
+{ config, lib, ... }:
+with lib; let
+ cfg = config.local;
+ inherit (config.networking) domain;
+in
+{
imports = [
./mailbox.nix
];
- options.local.users = with types; mkOption {
- default = { };
+ options.local = with types; {
+ sysadmin = mkOption {
+ type = str;
+ };
- type = attrsOf (submodule {
- options = {
- uid = mkOption {
- type = int;
- };
+ users = mkOption {
+ default = { };
- gid = mkOption {
- type = int;
- };
+ type = attrsOf (submodule ({ config, ... }: {
+ options = {
+ uid = mkOption {
+ type = int;
+ };
- gecos = mkOption {
- type = str;
- default = "";
- };
+ gid = mkOption {
+ type = int;
+ };
- groups = mkOption {
- type = listOf str;
- default = [ ];
- };
+ gecos = mkOption {
+ type = str;
+ default = "";
+ };
- allowLogin = mkOption {
- type = bool;
- default = true;
+ sysadmin = mkOption {
+ type = bool;
+ default = false;
+ };
+
+ groups = mkOption {
+ type = listOf str;
+ default = [ ];
+ };
+
+ allowLogin = mkOption {
+ type = bool;
+ default = true;
+ };
+
+ hardAliases = mkOption {
+ type = listOf str;
+ default = [ ];
+ };
};
- hardAliases = mkOption {
- type = listOf str;
- default = [ ];
+ config.groups = mkBefore (optional config.sysadmin "wheel");
+ }));
+ };
+
+ virtual = mkOption {
+ default = { };
+
+ type = attrsOf (submodule ({ name, ... }: {
+ options = {
+ aliases = mkOption {
+ type = attrsOf (listOf str);
+ default = { };
+ };
+
+ users = mkOption {
+ type = attrsOf (submodule { });
+ default = { };
+ };
};
- };
- });
+
+ config.aliases =
+ let
+ sysadmin = mkDefault [ "sysadmin@${name}" ];
+ in
+ {
+ abuse = sysadmin;
+ security = sysadmin;
+ webmaster = sysadmin;
+ hostmaster = sysadmin;
+ postmaster = sysadmin;
+
+ sysadmin = mkDefault [ "sysadmin@${domain}" ];
+ };
+ }));
+ };
};
- config.local.users = import ./users.nix;
+ config.local = mkMerge [
+ {
+ users = import ./users.nix;
+ virtual = import ./virtual.nix;
+
+ sysadmin =
+ (findSingle
+ (user: user.value.sysadmin)
+ (throw "no user is declared as sysadmin")
+ (throw "more than one user is declared as sysadmin")
+ (mapAttrsToList nameValuePair cfg.users)
+ ).name;
+ }
+
+ {
+ virtual.${domain}.aliases.sysadmin = [ cfg.sysadmin ];
+ }
+ ];
}
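Review bot: The per-user `sysadmin` flag in the `local.users` submodule is a privilege grant with no description: `config.groups = mkBefore (optional config.sysadmin "wheel")` puts that account in `wheel`, and `virtual.${domain}.aliases.sysadmin = [ cfg.sysadmin ]` appears to make it the final target of the `abuse`, `security`, `hostmaster` and `postmaster` defaults. I would add `description = "Marks the single administrator account: adds it to wheel and routes the role aliases to it.";` to that option so the coupling is visible where the flag is set. The top-level `local.sysadmin` is derived by `findSingle` rather than set by hand, so `readOnly = true;` on its `mkOption` would stop another module from pointing security and abuse mail at a different name. Nothing visible in this hunk checks that the selected user has `allowLogin` enabled or a mailbox (presumably handled in `./mailbox.nix`), which is worth confirming.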
diff --git a/env/users/virtual.nix b/env/users/virtual.nix
new file mode 100644
index 0000000..1bb3788
--- /dev/null
+++ b/env/users/virtual.nix
@@ -0,0 +1 @@
+# This file has been lustrated.