diff --git a/doc/concepts/suites.md b/doc/concepts/suites.md
index e9eef34ce..c40b08abe 100644
--- a/doc/concepts/suites.md
+++ b/doc/concepts/suites.md
@@ -2,24 +2,34 @@
 Suites provide a mechanism for users to easily combine and name collections of profiles.
-`suites` are defined in the `importables` argument in either the `home` or `nixos`
-namespace. They are a special case of an `importable` which is passed as a special
-argument (one that can be use in an `imports` line) to your hosts. All lists defined
-in `suites` are flattened and type-checked as paths.
+`suites` are defined in the `importables` argument in any of the `nixos`,
+`darwin`, or `home` namespaces. They are a special case of an `importable` which
+is passed as a special argument (one that can be use in an `imports` line) to
+your hosts. All lists defined in `suites` are flattened and type-checked as
+paths.
 ## Definition
+
 ```nix
 rec {
- workstation = [ profiles.develop profiles.graphical users.nixos ];
- mobileWS = workstation ++ [ profiles.laptop ];
+ workstation = [
+ profiles.develop
+ profiles.graphical
+ users.primary
+ ];
+ portableWorkstation =
+ workstation
+ ++ [ profiles.laptop ];
 }
 ```
 ## Usage
+
 `hosts/my-laptop.nix`:
+
 ```nix
 { suites, ... }: {
- imports = suites.mobileWS;
+ imports = suites.portableWorkstation;
 }
 ```
diff --git a/examples/devos/flake.nix b/examples/devos/flake.nix
index 02db321b3..2511f84d2 100644
--- a/examples/devos/flake.nix
+++ b/examples/devos/flake.nix
@@ -119,7 +119,11 @@
 users = digga.lib.rakeLeaves ./users;
 };
 suites = with profiles; rec {
- base = [ core.nixos users.nixos users.root ];
+ base = [
+ core.nixos
+ users.root
+ users.primary
+ ];
 };
 };
 };
@@ -147,7 +151,10 @@
 users = digga.lib.rakeLeaves ./users;
 };
 suites = with profiles; rec {
- base = [ core.darwin users.darwin ];
+ base = [
+ core.darwin
+ users.primary
+ ];
 };
 };
 };
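Review bot: The Darwin `base` suite in the second `flake.nix` hunk now imports `users.primary`, but the profile added in `examples/devos/users/primary/default.nix` sets `isNormalUser`, `extraGroups` and `initialPassword`, which are NixOS user options. As far as I know nix-darwin's `users.users.<name>` does not declare them, so Darwin hosts using this suite may fail to evaluate; this should be confirmed against nix-darwin. The removed `users/darwin/default.nix` set only `description`, so keeping a Darwin-specific system user profile next to the shared `hmUsers.primary` home profile would avoid the problem.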
@@ -162,34 +169,17 @@
 };
 };
 users = {
- # TODO: does this naming convention still make sense with darwin support?
- #
- # - it doesn't make sense to make a 'nixos' user available on
- # darwin, and vice versa
- #
- # - the 'nixos' user might have special significance as the default
- # user for fresh systems
- #
- # - perhaps a system-agnostic home-manager user is more appropriate?
- # something like 'primaryuser'?
- #
- # all that said, these only exist within the `hmUsers` attrset, so
- # it could just be left to the developer to determine what's
- # appropriate. after all, configuring these hm users is one of the
- # first steps in customizing the template.
- nixos = { suites, ... }: { imports = suites.base; };
- darwin = { suites, ... }: { imports = suites.base; };
- }; # digga.lib.importers.rakeLeaves ./users/hm;
+ primary = { suites, ... }: { imports = suites.base; };
+ };
 };
 devshell = ./shell;
- # TODO: similar to the above note: does it make sense to make all of
- # these users available on all systems?
- homeConfigurations = digga.lib.mergeAny
- (digga.lib.mkHomeConfigurations self.darwinConfigurations)
- (digga.lib.mkHomeConfigurations self.nixosConfigurations)
- ;
+ homeConfigurations =
+ digga.lib.mkHomeConfigurations
+ (digga.lib.collectHosts
+ self.nixosConfigurations
+ self.darwinConfigurations);
 deploy.nodes = digga.lib.mkDeployNodes self.nixosConfigurations { };
diff --git a/examples/devos/hosts/nixos/bootstrap.nix b/examples/devos/hosts/nixos/bootstrap.nix
index 1f8933743..ca50b9d77 100644
--- a/examples/devos/hosts/nixos/bootstrap.nix
+++ b/examples/devos/hosts/nixos/bootstrap.nix
@@ -1,10 +1,12 @@
 { profiles, ... }: {
- imports = [
- # profiles.networking
- profiles.core.nixos
- profiles.users.root # make sure to configure ssh keys
- profiles.users.nixos
+ imports = with profiles; [
+ core.nixos
+ # N.B. Make sure to add your public SSH keys to authorized keys!
+ users.root
+ # Note that this is different than the usual `primary` user for the sake of
+ # a familiar installation UX.
+ users.nixos
 ];
 boot.loader.systemd-boot.enable = true;
diff --git a/examples/devos/users/darwin/default.nix b/examples/devos/users/darwin/default.nix
deleted file mode 100644
index a268b8a87..000000000
--- a/examples/devos/users/darwin/default.nix
+++ /dev/null
@@ -1,8 +0,0 @@
-{ hmUsers, ... }:
-{
- home-manager.users = { inherit (hmUsers) darwin; };
-
- users.users.darwin = {
- description = "default";
- };
-}
diff --git a/examples/devos/users/nixos.nix b/examples/devos/users/nixos.nix
new file mode 100644
index 000000000..593de0e53
--- /dev/null
+++ b/examples/devos/users/nixos.nix
@@ -0,0 +1,23 @@
+{ hmUsers, ... }:
+{
+ # In this profile, the `nixos` system-level user loads the home-manager
+ # profile for the `primary` user defined in the flake's
+ # `self.home.users.primary` option.
+ #
+ # The user profile names defined in `self.home.users.` don't need to
+ # correspond directly to system-level usernames. They can, instead, be
+ # imported as a module in any `home-manager.users` configuration, allowing for
+ # more flexibility.
+ #
+ # Compare with the `primary` system user (in this directory), which uses a
+ # simplified (but limited) approach.
+ home-manager.users.nixos = {...}: { imports = [hmUsers.primary]; };
+
+ users.users.nixos = {
+ # This is the standard password for installation media.
+ password = "nixos";
+ description = "default";
+ isNormalUser = true;
+ extraGroups = [ "wheel" ];
+ };
+}
diff --git a/examples/devos/users/nixos/default.nix b/examples/devos/users/nixos/default.nix
deleted file mode 100644
index 077a52e4c..000000000
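Review bot: The new N.B. comment above `users.root` in `bootstrap.nix` tells the reader to add SSH keys but not where, so it is easy to skip. Naming the option would make it actionable, for example `# N.B. Add your public SSH keys to users.users.root.openssh.authorizedKeys.keys before building.` The same import list pulls in `users.nixos`, whose profile in this commit gives a `wheel` account the well-known password `nixos`, so if this host runs sshd the comment should also say that password authentication needs to be off. The attribute set continues past the end of the hunk, so whether sshd is configured there is not visible.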
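Review bot: `password = "nixos"` in `users/nixos.nix` gives a `wheel` account a publicly known password, and a literal `password` value ends up in the world-readable Nix store; the comment explains where the value comes from but not where it is acceptable to use it. With `users.mutableUsers = lib.mkDefault false` from `src/modules.nix`, NixOS re-applies the declared password on every activation, so an installed host that still imports this profile keeps that login. I would extend the comment to something like `# Known password, for installation media only. Do not import this profile on an installed host.`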
--- a/examples/devos/users/nixos/default.nix
+++ /dev/null
@@ -1,11 +0,0 @@
-{ hmUsers, ... }:
-{
- home-manager.users = { inherit (hmUsers) nixos; };
-
- users.users.nixos = {
- password = "nixos";
- description = "default";
- isNormalUser = true;
- extraGroups = [ "wheel" ];
- };
-}
diff --git a/examples/devos/users/primary/default.nix b/examples/devos/users/primary/default.nix
new file mode 100644
index 000000000..b99bdd101
--- /dev/null
+++ b/examples/devos/users/primary/default.nix
@@ -0,0 +1,20 @@
+{ hmUsers, ... }:
+{
+ users.users.primary = {
+ description = "primary administrative user on this machine";
+ isNormalUser = true;
+ extraGroups = [ "wheel" ];
+
+ # Make sure to change this!
+ initialPassword = "nixos";
+ };
+
+ # The following home-manager user definition doesn't include any further
+ # customization beyond the default `hmUsers.primary` profile, so its
+ # implementation can be simplified.
+ #
+ # Note, however, that the pattern demonstrated in the `nixos` user profile is
+ # more flexible in the long run, especially if you want to share the same
+ # home-manager profile amongst multiple users with different usernames.
+ home-manager.users = { inherit (hmUsers) primary; };
+}
diff --git a/examples/devos/users/root/default.nix b/examples/devos/users/root.nix
similarity index 100%
rename from examples/devos/users/root/default.nix
rename to examples/devos/users/root.nix
diff --git a/src/modules.nix b/src/modules.nix
index 28c17b095..e822b5458 100644
--- a/src/modules.nix
+++ b/src/modules.nix
@@ -17,7 +17,8 @@
 globalDefaults = { hmUsers }: { config, pkgs, self, ... }: {
- # digga lib can be accessed in modules directly as config.lib.digga
+ # Digga's library functions can be accessed directly through the module
+ # system as `config.lib.digga`.
 lib = {
 inherit (pkgs.lib) digga;
 };
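Review bot: The comment `# Make sure to change this!` above `initialPassword = "nixos"` in `users/primary/default.nix` is misleading, because `nixosDefaults` in `src/modules.nix` sets `users.mutableUsers = lib.mkDefault false`. In that mode NixOS treats `initialPassword` like `password`: a change made with `passwd` is overwritten on the next activation, and the value can only be changed in the configuration. Since `users.primary` is part of the NixOS `base` suite in `examples/devos/flake.nix`, every host built from the template has a `wheel` user with this known password until the file is edited. The comment should say so, for example `# Replace with hashedPassword (see mkpasswd) before deploying; passwd changes do not persist while users.mutableUsers is false.`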
@@ -32,6 +33,10 @@
 };
 nixosDefaults = { self, ... }: {
+ # N.B. If users are not explicitly defined in configuration, they will be
+ # removed from the resulting system. This could result in data loss if
+ # you're not starting from a fresh install -- even if you are currently
+ # logged in!
 users.mutableUsers = lib.mkDefault false;
 hardware.enableRedistributableFirmware = lib.mkDefault true;
 system.configurationRevision = lib.mkIf (self ? rev) self.rev;