add which is shorthand to define a fs entry inside that user's home

2023-01-30 08:32:55 +00:00
parent 5f8154e6ce
commit 870afec07e
4 changed files with 54 additions and 5 deletions
--- a/hosts/by-name/lappy/default.nix
+++ b/hosts/by-name/lappy/default.nix
@@ -10,7 +10,7 @@

  # sane.packages.enableDevPkgs = true;

-  # sane.users.guest.enable = true;
+  # sane.guest.enable = true;
  sane.gui.sway.enable = true;
  sane.persist.enable = true;
  sane.nixcache.enable = true;
--- a/hosts/common/users.nix
+++ b/hosts/common/users.nix
@@ -3,12 +3,12 @@
 # installer docs: https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/profiles/installation-device.nix
 with lib;
 let
-  cfg = config.sane.users;
+  cfg = config.sane.guest;
  fs = sane-lib.fs;
 in
 {
  options = {
-    sane.users.guest.enable = mkOption {
+    sane.guest.enable = mkOption {
      default = false;
      type = types.bool;
    };
@@ -104,11 +104,11 @@ in
    # used by password managers, e.g. unix `pass`
    sane.fs."/home/colin/.password-store" = fs.wantedSymlinkTo "/home/colin/knowledge/secrets/accounts";

-    sane.persist.sys.plaintext = mkIf cfg.guest.enable [
+    sane.persist.sys.plaintext = mkIf cfg.enable [
      # intentionally allow other users to write to the guest folder
      { directory = "/home/guest"; user = "guest"; group = "users"; mode = "0775"; }
    ];
-    users.users.guest = mkIf cfg.guest.enable {
+    users.users.guest = mkIf cfg.enable {
      isNormalUser = true;
      home = "/home/guest";
      subUidRanges = [
--- a/modules/default.nix
+++ b/modules/default.nix
@@ -12,6 +12,7 @@
    ./services
    ./sops.nix
    ./ssh.nix
+    ./users.nix
  ];

  _module.args =  {
--- a/modules/users.nix
+++ b/modules/users.nix
@@ -0,0 +1,48 @@
+{ config, lib, sane-lib, ... }:
+
+let
+  inherit (lib) mapAttrs' mapAttrsToList mkMerge mkOption types;
+  cfg = config.sane.users;
+  path-lib = sane-lib.path;
+  userModule = types.submodule {
+    options = {
+      fs = mkOption {
+        type = types.attrs;
+        description = ''
+          entries to pass onto `sane.fs` after prepending the user's home-dir to the path.
+          e.g. `sane.users.colin.fs."/.config/aerc" = X`
+            => `sane.fs."/home/colin/.config/aerc" = X;
+        '';
+      };
+    };
+  };
+  processUser = user: defn: {
+    sane.fs = mapAttrs' (path: value: {
+      # TODO: query the user's home dir!
+      name = path-lib.concat [ "/home/${user}" path ];
+      inherit value;
+    }) defn.fs;
+  };
+in
+{
+  options = {
+    sane.users = mkOption {
+      type = types.attrsOf userModule;
+      default = {};
+      description = ''
+        options to apply to the given user.
+        the user is expected to be created externally.
+        configs applied at this level are simply transformed and then merged
+        into the toplevel `sane` options. it's merely a shorthand.
+      '';
+    };
+  };
+  config =
+    let
+      configs = mapAttrsToList processUser cfg;
+      take = f: {
+        sane.fs = f.sane.fs;
+      };
+    in
+      take (sane-lib.mkTypedMerge take configs);
+}