65 lines
1.6 KiB
Nix
65 lines
1.6 KiB
Nix
topLevel: {
|
|
flake.modules = {
|
|
nixos.root =
|
|
{
|
|
config,
|
|
inputs,
|
|
pkgs,
|
|
...
|
|
}:
|
|
{
|
|
imports = [
|
|
{
|
|
home-manager.users.root = {
|
|
imports = with topLevel.config.flake.modules.homeManager; [
|
|
inputs.catppuccin.homeModules.catppuccin
|
|
|
|
# components
|
|
base
|
|
|
|
# Activate all user based config
|
|
cholli # TODO: make root based config that makes it clear I am root user right now
|
|
root
|
|
];
|
|
};
|
|
}
|
|
];
|
|
programs.fish.enable = true;
|
|
sops.secrets.passwordHash.neededForUsers = true;
|
|
|
|
users.users.root = {
|
|
shell = pkgs.fish;
|
|
openssh.authorizedKeys.keys = topLevel.config.flake.meta.users.cholli.authorizedKeys;
|
|
hashedPasswordFile = config.sops.secrets.passwordHash.path;
|
|
};
|
|
};
|
|
|
|
homeManager.root =
|
|
{
|
|
lib,
|
|
osConfig,
|
|
pkgs,
|
|
...
|
|
}:
|
|
let
|
|
|
|
generateHostEntry = machine: ''
|
|
Host ${machine.hostName}
|
|
IdentitiesOnly yes
|
|
IdentityFile ${machine.sshKey}
|
|
User remotebuild
|
|
'';
|
|
|
|
filteredMachines = lib.filter (machine: machine.hostName != "localhost") osConfig.nix.buildMachines;
|
|
remotebuild-ssh-config = pkgs.writeTextFile {
|
|
name = "remotebuild-ssh-config";
|
|
text = lib.concatMapStringsSep "\n" generateHostEntry filteredMachines;
|
|
};
|
|
in
|
|
{
|
|
home.file = {
|
|
".ssh/config".source = remotebuild-ssh-config;
|
|
};
|
|
};
|
|
};
|
|
}
|