From 8c1df3aeaa622908cd2f75bc2d79a00d6c213ae0 Mon Sep 17 00:00:00 2001 From: "Rory&::Emma" Date: Sat, 20 Apr 2024 19:24:50 +0000 Subject: Server changes --- flake.lock | 599 +++++++++++++++++++++ flake.nix | 4 +- host/Rory-nginx/configuration.nix | 1 + .../matrixunittests/services/conduit.nix | 2 + host/Rory-nginx/services/matrix/conduit.nix | 33 +- .../Rory-nginx/services/nginx/rory.gay/conduit.nix | 4 +- host/Rory-nginx/services/nginx/rory.gay/matrix.nix | 3 +- modules/users/Alice.nix | 17 + modules/users/groups/BugMine-contrib.nix | 5 + 9 files changed, 654 insertions(+), 14 deletions(-) create mode 100644 flake.lock create mode 100755 modules/users/Alice.nix create mode 100644 modules/users/groups/BugMine-contrib.nix diff --git a/flake.lock b/flake.lock new file mode 100644 index 0000000..a46c025 --- /dev/null +++ b/flake.lock @@ -0,0 +1,599 @@ +{ + "nodes": { + "MatrixMediaGate": { + "inputs": { + "flake-utils": "flake-utils", + "nixpkgs": "nixpkgs" + }, + "locked": { + "lastModified": 1709199781, + "narHash": "sha256-OH9OSnRNj9zHkKMBRwBaa0pMA0yOzibt3h6i3M4KIKw=", + "ref": "refs/heads/master", + "rev": "a3bce27ac19dfd940a34c4c148c0f617f513feed", + "revCount": 18, + "type": "git", + "url": "https://cgit.rory.gay/matrix/tools/MatrixMediaGate.git/" + }, + "original": { + "type": "git", + "url": "https://cgit.rory.gay/matrix/tools/MatrixMediaGate.git/" + } + }, + "attic": { + "inputs": { + "crane": "crane", + "flake-compat": "flake-compat", + "flake-utils": "flake-utils_2", + "nixpkgs": "nixpkgs_3", + "nixpkgs-stable": "nixpkgs-stable" + }, + "locked": { + "lastModified": 1707922053, + "narHash": "sha256-wSZjK+rOXn+UQiP1NbdNn5/UW6UcBxjvlqr2wh++MbM=", + "owner": "zhaofengli", + "repo": "attic", + "rev": "6eabc3f02fae3683bffab483e614bebfcd476b21", + "type": "github" + }, + "original": { + "owner": "zhaofengli", + "ref": "main", + "repo": "attic", + "type": "github" + } + }, + "botcore-v4": { + "inputs": { + "nixpkgs": "nixpkgs_2" + }, + "locked": { + "lastModified": 1683656302, + "narHash": "sha256-I2eu+9/i0ktqNzQwkc0NuczQ2UThCBf8L9xnZ8v3NSM=", + "owner": "BotCore-Devs", + "repo": "BotCore-v4", + "rev": "0e8738ba7df060782df050dc733b0bfc8c499830", + "type": "gitlab" + }, + "original": { + "owner": "BotCore-Devs", + "ref": "staging", + "repo": "BotCore-v4", + "type": "gitlab" + } + }, + "conduit": { + "inputs": { + "attic": "attic", + "crane": "crane_2", + "fenix": "fenix", + "flake-compat": "flake-compat_2", + "flake-utils": "flake-utils_3", + "nix-filter": "nix-filter", + "nixpkgs": "nixpkgs_4" + }, + "locked": { + "lastModified": 1713381361, + "narHash": "sha256-0rAVZ6uhdg0ySRVu1hH/mkRZL0wMDO2f42Z1ix9LpPQ=", + "owner": "girlbossceo", + "repo": "conduwuit", + "rev": "7ecc570bb8a07aba9802fd0217f978583f55bc8b", + "type": "github" + }, + "original": { + "owner": "girlbossceo", + "repo": "conduwuit", + "rev": "7ecc570bb8a07aba9802fd0217f978583f55bc8b", + "type": "github" + } + }, + "crane": { + "inputs": { + "nixpkgs": [ + "conduit", + "attic", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1702918879, + "narHash": "sha256-tWJqzajIvYcaRWxn+cLUB9L9Pv4dQ3Bfit/YjU5ze3g=", + "owner": "ipetkov", + "repo": "crane", + "rev": "7195c00c272fdd92fc74e7d5a0a2844b9fadb2fb", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "type": "github" + } + }, + "crane_2": { + "inputs": { + "nixpkgs": [ + "conduit", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1707685877, + "narHash": "sha256-XoXRS+5whotelr1rHiZle5t5hDg9kpguS5yk8c8qzOc=", + "owner": "ipetkov", + "repo": "crane", + "rev": "2c653e4478476a52c6aa3ac0495e4dea7449ea0e", + "type": "github" + }, + "original": { + "owner": "ipetkov", + "repo": "crane", + "rev": "2c653e4478476a52c6aa3ac0495e4dea7449ea0e", + "type": "github" + } + }, + "fenix": { + "inputs": { + "nixpkgs": [ + "conduit", + "nixpkgs" + ], + "rust-analyzer-src": "rust-analyzer-src" + }, + "locked": { + "lastModified": 1711606966, + "narHash": "sha256-nTaO7ZDL4D02dVC5ktqnXNiNuODBUHyE4qEcFjAUCQY=", + "owner": "nix-community", + "repo": "fenix", + "rev": "aa45c3e901ea42d6633af083c0c555efaf948b17", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "fenix", + "type": "github" + } + }, + "flake-compat": { + "flake": false, + "locked": { + "lastModified": 1673956053, + "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_2": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_3": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-utils": { + "inputs": { + "systems": "systems" + }, + "locked": { + "lastModified": 1705309234, + "narHash": "sha256-uNRRNRKmJyCRC/8y1RqBkqWBLM034y4qN7EprSdmgyA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "1ef2e671c3b0c19053962c07dbda38332dcebf26", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_2": { + "locked": { + "lastModified": 1667395993, + "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "5aed5285a952e0b949eb3ba02c12fa4fcfef535f", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_3": { + "inputs": { + "systems": "systems_2" + }, + "locked": { + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_4": { + "inputs": { + "systems": "systems_3" + }, + "locked": { + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "home-manager": { + "inputs": { + "nixpkgs": "nixpkgs_5" + }, + "locked": { + "lastModified": 1713547559, + "narHash": "sha256-zju60y4pyYQoRmqhbgkw+jwmKZReVsCNvb8mZxID2Do=", + "owner": "nix-community", + "repo": "home-manager", + "rev": "938357cb234e85da37109df2cdd9cc59ab9c1cc0", + "type": "github" + }, + "original": { + "owner": "nix-community", + "ref": "master", + "repo": "home-manager", + "type": "github" + } + }, + "mtxclientSrc": { + "flake": false, + "locked": { + "lastModified": 1710558918, + "narHash": "sha256-N92nf1Ay27auUQR9pZSXx4HMFCG9UGTBei+Eva18TLU=", + "owner": "Nheko-reborn", + "repo": "mtxclient", + "rev": "4fb7d678aeea197d16b52bfb1dc35b506673bb52", + "type": "github" + }, + "original": { + "owner": "Nheko-reborn", + "ref": "master", + "repo": "mtxclient", + "type": "github" + } + }, + "nhekoSrc": { + "flake": false, + "locked": { + "lastModified": 1712511512, + "narHash": "sha256-T27BrHbPrbzI9rymiQbHEp8OMMVn74SG42YAJj8qWmk=", + "owner": "Nheko-reborn", + "repo": "nheko", + "rev": "df88eccfb7f4826299a93b30606364a387b23779", + "type": "github" + }, + "original": { + "owner": "Nheko-reborn", + "ref": "master", + "repo": "nheko", + "type": "github" + } + }, + "nix-filter": { + "locked": { + "lastModified": 1710156097, + "narHash": "sha256-1Wvk8UP7PXdf8bCCaEoMnOT1qe5/Duqgj+rL8sRQsSM=", + "owner": "numtide", + "repo": "nix-filter", + "rev": "3342559a24e85fc164b295c3444e8a139924675b", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "nix-filter", + "type": "github" + } + }, + "nixos-wsl": { + "inputs": { + "flake-compat": "flake-compat_3", + "flake-utils": "flake-utils_4", + "nixpkgs": "nixpkgs_6" + }, + "locked": { + "lastModified": 1713528946, + "narHash": "sha256-IBQta+xrEaI2S5UmYrXcgV7Tu7rGLQu2V3TeJseLPSg=", + "owner": "nix-community", + "repo": "NixOS-WSL", + "rev": "63c1247e12f269396ed2df8cdec3aed1f0f3928c", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "NixOS-WSL", + "type": "github" + } + }, + "nixpkgs": { + "locked": { + "lastModified": 1708807242, + "narHash": "sha256-sRTRkhMD4delO/hPxxi+XwLqPn8BuUq6nnj4JqLwOu0=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "73de017ef2d18a04ac4bfd0c02650007ccb31c2a", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-RoryNix": { + "locked": { + "lastModified": 1713344939, + "narHash": "sha256-jpHkAt0sG2/J7ueKnG7VvLLkBYUMQbXQ2L8OBpVG53s=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "e402c3eb6d88384ca6c52ef1c53e61bdc9b84ddd", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-23.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-rory": { + "locked": { + "lastModified": 1712398816, + "narHash": "sha256-9s+KZY0XBQEl1oEwELIgXuS8OG8E+a0J/8ih+oYCCC4=", + "owner": "TheArcaneBrony", + "repo": "nixpkgs", + "rev": "7e5dba52fb1644c6412871495a946aea14deb871", + "type": "github" + }, + "original": { + "owner": "TheArcaneBrony", + "ref": "master", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs-stable": { + "locked": { + "lastModified": 1702780907, + "narHash": "sha256-blbrBBXjjZt6OKTcYX1jpe9SRof2P9ZYWPzq22tzXAA=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "1e2e384c5b7c50dbf8e9c441a9e58d85f408b01f", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-23.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_2": { + "locked": { + "lastModified": 1683408522, + "narHash": "sha256-9kcPh6Uxo17a3kK3XCHhcWiV1Yu1kYj22RHiymUhMkU=", + "owner": "nixos", + "repo": "nixpkgs", + "rev": "897876e4c484f1e8f92009fd11b7d988a121a4e7", + "type": "github" + }, + "original": { + "owner": "nixos", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { + "locked": { + "lastModified": 1702539185, + "narHash": "sha256-KnIRG5NMdLIpEkZTnN5zovNYc0hhXjAgv6pfd5Z4c7U=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "aa9d4729cbc99dabacb50e3994dcefb3ea0f7447", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_4": { + "locked": { + "lastModified": 1711523803, + "narHash": "sha256-UKcYiHWHQynzj6CN/vTcix4yd1eCu1uFdsuarupdCQQ=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "2726f127c15a4cc9810843b96cad73c7eb39e443", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_5": { + "locked": { + "lastModified": 1713248628, + "narHash": "sha256-NLznXB5AOnniUtZsyy/aPWOk8ussTuePp2acb9U+ISA=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "5672bc9dbf9d88246ddab5ac454e82318d094bb8", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_6": { + "locked": { + "lastModified": 1713013257, + "narHash": "sha256-ZEfGB3YCBVggvk0BQIqVY7J8XF/9jxQ68fCca6nib+8=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "90055d5e616bd943795d38808c94dbf0dd35abe8", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-23.11", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_7": { + "locked": { + "lastModified": 1713297878, + "narHash": "sha256-hOkzkhLT59wR8VaMbh1ESjtZLbGi+XNaBN6h49SPqEc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "66adc1e47f8784803f2deb6cacd5e07264ec2d5c", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixos-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "root": { + "inputs": { + "MatrixMediaGate": "MatrixMediaGate", + "botcore-v4": "botcore-v4", + "conduit": "conduit", + "home-manager": "home-manager", + "mtxclientSrc": "mtxclientSrc", + "nhekoSrc": "nhekoSrc", + "nixos-wsl": "nixos-wsl", + "nixpkgs": "nixpkgs_7", + "nixpkgs-RoryNix": "nixpkgs-RoryNix", + "nixpkgs-rory": "nixpkgs-rory" + } + }, + "rust-analyzer-src": { + "flake": false, + "locked": { + "lastModified": 1711562745, + "narHash": "sha256-s/YOyBM0vumhkqCFi8CnV5imFlC5JJrGia8CmEXyQkM=", + "owner": "rust-lang", + "repo": "rust-analyzer", + "rev": "ad51a17c627b4ca57f83f0dc1f3bb5f3f17e6d0b", + "type": "github" + }, + "original": { + "owner": "rust-lang", + "ref": "nightly", + "repo": "rust-analyzer", + "type": "github" + } + }, + "systems": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_2": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_3": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + } + }, + "root": "root", + "version": 7 +} diff --git a/flake.nix b/flake.nix index 0ea3c34..cb3c792 100755 --- a/flake.nix +++ b/flake.nix @@ -19,7 +19,7 @@ }; conduit = { #url = "gitlab:famedly/conduit"; - url = "github:girlbossceo/conduwuit"; + url = "github:girlbossceo/conduwuit/7ecc570bb8a07aba9802fd0217f978583f55bc8b"; # Assuming you have an input for nixpkgs called `nixpkgs`. If you experience # build failures while using this, try commenting/deleting this line. This # will probably also require you to always build from source. @@ -35,7 +35,7 @@ }; MatrixMediaGate = { - url = "git+https://cgit.rory.gay/matrix/MatrixMediaGate.git/"; + url = "git+https://cgit.rory.gay/matrix/tools/MatrixMediaGate.git/"; }; # Sources... diff --git a/host/Rory-nginx/configuration.nix b/host/Rory-nginx/configuration.nix index ea023d6..ef4f7c0 100755 --- a/host/Rory-nginx/configuration.nix +++ b/host/Rory-nginx/configuration.nix @@ -7,6 +7,7 @@ ../../modules/users/levi.nix ../../modules/users/db2k.nix ../../modules/users/ks.nix + ../../modules/users/Alice.nix ./services/postgres.nix ./services/discordbots.nix diff --git a/host/Rory-nginx/services/containers/matrixunittests/services/conduit.nix b/host/Rory-nginx/services/containers/matrixunittests/services/conduit.nix index 8e49043..e07dad3 100755 --- a/host/Rory-nginx/services/containers/matrixunittests/services/conduit.nix +++ b/host/Rory-nginx/services/containers/matrixunittests/services/conduit.nix @@ -12,6 +12,8 @@ max_concurrent_requests = 1000; allow_check_for_updates = false; allow_registration = true; + yes_i_am_very_very_sure_i_want_an_open_registration_server_prone_to_abuse = true; + allow_guest_registration = true; disable_federation = true; }; }; diff --git a/host/Rory-nginx/services/matrix/conduit.nix b/host/Rory-nginx/services/matrix/conduit.nix index f98a4e6..463c936 100755 --- a/host/Rory-nginx/services/matrix/conduit.nix +++ b/host/Rory-nginx/services/matrix/conduit.nix @@ -9,14 +9,15 @@ server_name = "conduit.rory.gay"; database_backend = "rocksdb"; - rocksdb_optimize_for_spinning_disks = true; - rocksdb_max_log_file_size = 33554432; +# rocksdb_optimize_for_spinning_disks = false; +# rocksdb_max_log_file_size = 33554432; - - allow_public_room_directory_over_federation = true; +# allow_public_room_directory_over_federation = true; - allow_device_name_federation = true; - enable_lightning_bolt = true; +# allow_device_name_federation = true; +# enable_lightning_bolt = true; + + #allow_local_presence = true; #allow_incoming_presence = true; #allow_outgoing_presence = true; @@ -24,14 +25,28 @@ #presence_offline_timeout_s = 180; - max_concurrent_requests = 1000; - conduit_cache_capacity_modifier = 3.0; +# max_concurrent_requests = 32767; +# conduit_cache_capacity_modifier = 4000.0; #512.0; +# db_cache_capacity_mb = 65535.0; #8192.0; +# rocksdb_parallelism_threads = 12; + + #dns settings +# dns_cache_entries = 65535; +# dns_min_ttl = 60 * 60 * 12; #12 hours... we expect other servers to backfill in the unlikely case an IP changes. +# dns_min_ttl_nxdomain = 60 * 60 * 24 * 7; #1 week... we expect backfill to happen must this change... +# dns_timeout = 15; +# dns_attempts = 15; #our DNS setup tends to fail +# query_all_nameservers = true; #needed on our setup... + +# federation_timeout = 30; +# federation_idle_per_host = 8; +# federation_idle_timeout = 600; allow_check_for_updates = false; allow_registration = false; - #log = "info,state_res=info"; +# log = "info,state_res=info"; #log = "debug"; }; }; diff --git a/host/Rory-nginx/services/nginx/rory.gay/conduit.nix b/host/Rory-nginx/services/nginx/rory.gay/conduit.nix index 44b074a..81547aa 100755 --- a/host/Rory-nginx/services/nginx/rory.gay/conduit.nix +++ b/host/Rory-nginx/services/nginx/rory.gay/conduit.nix @@ -2,8 +2,8 @@ enableACME = true; addSSL = true; locations."/" = { - proxyPass = "http://127.0.0.1:9002"; - #proxyPass = "http://127.0.0.1:6167"; + #proxyPass = "http://127.0.0.1:9002"; + proxyPass = "http://127.0.0.1:6167"; extraConfig = '' if ($request_method = 'OPTIONS') { more_set_headers 'Access-Control-Allow-Origin: *'; diff --git a/host/Rory-nginx/services/nginx/rory.gay/matrix.nix b/host/Rory-nginx/services/nginx/rory.gay/matrix.nix index 8aaedc8..6a5bf47 100755 --- a/host/Rory-nginx/services/nginx/rory.gay/matrix.nix +++ b/host/Rory-nginx/services/nginx/rory.gay/matrix.nix @@ -2,7 +2,8 @@ enableACME = true; addSSL = true; locations."/" = { - proxyPass = "http://127.0.0.1:9001"; + #proxyPass = "http://127.0.0.1:9001"; + proxyPass = "http://localhost:8008"; extraConfig = '' if ($request_method = 'OPTIONS') { more_set_headers 'Access-Control-Allow-Origin: *'; diff --git a/modules/users/Alice.nix b/modules/users/Alice.nix new file mode 100755 index 0000000..e2e343a --- /dev/null +++ b/modules/users/Alice.nix @@ -0,0 +1,17 @@ +{ config, pkgs, ... }: + +{ + imports = [ groups/BugMine-contrib.nix ]; + users.groups.Alice = {}; + users.users.Alice = { + isSystemUser = true; + extraGroups = [ "BugMine-contrib" ]; + group = "Alice"; + home = "/group/bugmine-contrib"; + shell = "${pkgs.git}/bin/git-shell"; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPb52m1rnJSffSOJvN6OYkKgK0TmiRKE4SbOKlkT8Tvn" + ]; + }; +} + diff --git a/modules/users/groups/BugMine-contrib.nix b/modules/users/groups/BugMine-contrib.nix new file mode 100644 index 0000000..636afba --- /dev/null +++ b/modules/users/groups/BugMine-contrib.nix @@ -0,0 +1,5 @@ +{ config, pkgs, ... }: + +{ + users.groups.BugMine-contrib = {}; +} -- cgit 1.4.1