Unverified Commit b7529e96 authored by Paki's avatar Paki

hm: user units

parent 56ee3ac4
......@@ -35,7 +35,7 @@
];
systemd.services =
let
nixops = "${pkgs.nixops}/bin/nixops deploy --network ./.";
nixops = "${pkgs.nixops}/bin/nixops deploy --debug --network ./.";
cfgUnit = {
serviceConfig = rec{
......@@ -43,7 +43,10 @@
IOWeight = 20;
WorkingDirectory = "/etc/nixos";
};
environment.HOME = config.users.users.root.home;
environment = {
HOME = config.users.users.root.home;
NIX_PATH = lib.strings.concatStringsSep ":" config.nix.nixPath;
};
wants = [ "network-online.target" ];
after = [ "network-online.target" ];
};
......@@ -58,11 +61,11 @@
gpg --allow-secret-key-import --import /var/keys/prv.gpg
'';
};
nixops-upgrade = _:{
nixops-upgrade = _: {
imports = [ cfgUnit ];
startAt = config.my.downtime;
after = [ "gpg-key-import.service" ];
path = with pkgs;[ config.nix.package git git-crypt openssh];
path = with pkgs;[ config.nix.package git git-crypt openssh ];
script = ''
git pull
nix flake update
......@@ -73,12 +76,12 @@
'';
onFailure = [ "nixops-reset.service" ];
};
nixops-reset = _:{
nixops-reset = _: {
imports = [ cfgUnit ];
serviceConfig.ExecStart = "${pkgs.git}/bin/git restore .";
};
} // lib.mapAttrs'
(n: v: lib.nameValuePair "nixops-upgrade-${n}" (_:{
(n: v: lib.nameValuePair "nixops-upgrade-${n}" (_: {
imports = [ cfgUnit ];
after = [ "nixops-upgrade.service" ];
startAt = v.my.downtime;
......
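Review bot: The `--debug` flag added to the shared `nixops` command string in the first hunk looks like a troubleshooting aid, but it now applies to every unattended run that uses that string (presumably the upgrade scripts, whose bodies are outside the hunks). Those units sit next to a secret-key import from `/var/keys/prv.gpg` and a `git-crypt` checkout, so confirm that the verbose deploy output written to the journal contains nothing sensitive, and check who can read that journal. If the flag is temporary, mark it as such with a comment such as `# --debug is temporary; remove once unattended deploys are stable`, or drop it before merging.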
......@@ -10,7 +10,8 @@
./print.nix
./peerix.nix
./boinc.nix
inputs.home.nixosModules.home-manager
# inputs.home.nixosModules.home-manager
./hm.nix
inputs.nix-ld.nixosModules.nix-ld
"${inputs.nixpkgs}/nixos/modules/installer/scan/not-detected.nix"
"${inputs.nixpkgs}/pkgs/misc/cups/drivers/samsung/1.00.36/module.nix"
......
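Review bot: The commented-out `inputs.home.nixosModules.home-manager` entry is left in the imports list with no reason given, and the `./hm.nix` that replaces it appears to be a local copy of that upstream module (it still imports `${inputs.home}/modules/modules.nix`). A local copy will not follow upstream changes to the NixOS module when the `home` input is updated, so record why it exists. For example, replace the dead line with `# ./hm.nix replaces inputs.home.nixosModules.home-manager: activation runs as a systemd user unit`. The imports list starts and ends outside the hunk.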
{ config, lib, pkgs, inputs, ... }:
with lib;
let
cfg = config.home-manager;
extendedLib = import "${inputs.home}/modules/lib/stdlib-extended.nix" pkgs.lib;
hmModule = types.submoduleWith {
specialArgs = {
lib = extendedLib;
nixosConfig = config;
osConfig = config;
modulesPath = "${inputs.home}/modules";
} // cfg.extraSpecialArgs;
modules = [
({ name, ... }: {
imports = import "${inputs.home}/modules/modules.nix" {
inherit pkgs;
lib = extendedLib;
useNixpkgsModule = !cfg.useGlobalPkgs;
};
config = {
submoduleSupport.enable = true;
submoduleSupport.externalPackageInstall = cfg.useUserPackages;
# The per-user directory inside /etc/profiles is not known by
# fontconfig by default.
fonts.fontconfig.enable = cfg.useUserPackages
&& config.fonts.fontconfig.enable;
home.username = config.users.users.${name}.name;
home.homeDirectory = config.users.users.${name}.home;
# Make activation script use same version of Nix as system as a whole.
# This avoids problems with Nix not being in PATH.
home.extraActivationPath = [ config.nix.package ];
# .ssh/config needs to exists before login to let ssh login as that user
# programs.ssh.internallyManaged = false;
};
})
] ++ cfg.sharedModules;
};
in {
options = {
home-manager = {
useUserPackages = mkEnableOption ''
installation of user packages through the
<option>users.users.&lt;name&gt;.packages</option> option.
'';
useGlobalPkgs = mkEnableOption ''
using the system configuration's <literal>pkgs</literal>
argument in Home Manager. This disables the Home Manager
options <option>nixpkgs.*</option>
'';
backupFileExtension = mkOption {
type = types.nullOr types.str;
default = null;
example = "backup";
description = ''
On activation move existing files by appending the given
file extension rather than exiting with an error.
'';
};
extraSpecialArgs = mkOption {
type = types.attrs;
default = { };
example = literalExpression "{ inherit emacs-overlay; }";
description = ''
Extra <literal>specialArgs</literal> passed to Home Manager. This
option can be used to pass additional arguments to all modules.
'';
};
sharedModules = mkOption {
type = with types;
# TODO: use types.raw once this PR is merged: https://github.com/NixOS/nixpkgs/pull/132448
listOf (mkOptionType {
name = "submodule";
inherit (submodule { }) check;
merge = lib.options.mergeOneOption;
description = "Home Manager modules";
});
default = [ ];
example = literalExpression "[ { home.packages = [ nixpkgs-fmt ]; } ]";
description = ''
Extra modules added to all users.
'';
};
verbose = mkEnableOption "verbose output on activation";
users = mkOption {
type = types.attrsOf hmModule;
default = { };
# Set as not visible to prevent the entire submodule being included in
# the documentation.
visible = false;
description = ''
Per-user Home Manager configuration.
'';
};
};
};
config = mkIf (cfg.users != { }) {
warnings = flatten (flip mapAttrsToList cfg.users (user: config:
flip map config.warnings (warning: "${user} profile: ${warning}")));
assertions = flatten (flip mapAttrsToList cfg.users (user: config:
flip map config.assertions (assertion: {
inherit (assertion) assertion;
message = "${user} profile: ${assertion.message}";
})));
systemd.user.services.home-manager = {
description = "Home Manager environment for %u";
wantedBy = [ "default.target" ];
# user units cannot depend on system units
# TODO: Insert in the script logic for waiting on the nix socket via dbus
# like https://github.com/mogorman/systemd-lock-handler
# wants = [ "nix-daemon.socket" ];
# after = [ "nix-daemon.socket" ];
environment = optionalAttrs (cfg.backupFileExtension != null) {
HOME_MANAGER_BACKUP_EXT = cfg.backupFileExtension;
} // optionalAttrs cfg.verbose { VERBOSE = "1"; };
stopIfChanged = false;
serviceConfig = {
Type = "oneshot";
RemainAfterExit = "yes";
TimeoutStartSec = 90;
SyslogIdentifier = "hm-activate-%u";
# a default for any user that has not defined
# config.home-manager.users.${username}
# this will be overridden by the below drop-in
ExecStart = "${pkgs.coreutils}/bin/true";
};
};
users.users = mapAttrs (username: usercfg: {
packages =
# unit files are taken from $XDG_DATA_DIRS too
# but are loaded after units from /etc
# we write a drop in so that it will take precedence
# over the above unit declaration
[
(pkgs.writeTextDir
"/share/systemd/user/home-manager.service.d/10-user-activation.conf" ''
[Service]
ExecStart=
ExecStart=${usercfg.home.activationPackage}/activate
'')
] ++ lib.optional cfg.useUserPackages usercfg.home.path;
}) cfg.users;
environment.pathsToLink = [ "/share/systemd/user/home-manager.service.d" ]
++ lib.optional cfg.useUserPackages "/etc/profile.d";
systemd.services = mapAttrs' (_: usercfg:
let inherit (usercfg.home) username homeDirectory;
in nameValuePair "ssh_config-${username}" {
inherit (usercfg.programs.ssh) enable;
description = "Linking ${username}' ssh conifg";
wantedBy = [ "multi-user.target" ];
before = [ "systemd-user-sessions.service" ];
unitConfig.RequiresMountsFor = homeDirectory;
stopIfChanged = false;
serviceConfig = {
User = username;
Type = "oneshot";
RemainAfterExit = "yes";
TimeoutStartSec = 90;
SyslogIdentifier = "hm-activate-${username}";
ExecStart = [
"${pkgs.coreutils}/bin/ln -s ${usercfg.programs.ssh.configPath} ${homeDirectory}/.ssh/config"
];
};
}) cfg.users;
};
}
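Review bot: The `ssh_config-${username}` unit's `ExecStart` runs a bare `ln -s`, which fails when `${homeDirectory}/.ssh/config` already exists or when `${homeDirectory}/.ssh` has not been created. Because the unit is a oneshot wanted by `multi-user.target`, that would presumably happen from the second boot onward. Consider creating the directory with restrictive permissions and making the link idempotent, e.g. `"${pkgs.coreutils}/bin/mkdir -p -m 700 ${homeDirectory}/.ssh"` followed by `"${pkgs.coreutils}/bin/ln -sfn ${usercfg.programs.ssh.configPath} ${homeDirectory}/.ssh/config"`. Note that `-f` silently replaces a hand-written config, which is the situation `backupFileExtension` exists to handle during activation. The unit also reuses `SyslogIdentifier = "hm-activate-${username}"`, so its journal lines cannot be told apart from activation output; a distinct identifier would make a failed link easier to find.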