configuration for users and groups

2022-09-28 21:31:15 +01:00 · 2022-09-28 21:31:15 +01:00 · 6f23a45696
commit 6f23a45696
parent 1dbdbbbb1a
3 changed files with 44 additions and 2 deletions
--- a/default.nix
+++ b/default.nix
@ -10,6 +10,7 @@ let
    ({ lib, ... } : { config = { inherit (device) kernel; }; })
    <liminix-config>
    ./modules/s6
+    ./modules/users.nix
  ] nixpkgs.pkgs;
  squashfs = liminix.builders.squashfs config.filesystem.contents;
  kernel = callPackage ./kernel {
--- a/modules/base.nix
+++ b/modules/base.nix
@ -33,10 +33,27 @@ in {
        type = types.attrsOf types.nonEmptyStr;
      };
    };
+    groups =  mkOption {
+      type = types.attrsOf types.anything;
+    };
+    users =  mkOption {
+      type = types.attrsOf types.anything;
+    };
  };
  config = {
    defaultProfile.packages = with pkgs;
      [ s6-init-bin busybox execline s6-linux-init s6-rc ];
+
+    users.root = {
+      uid = 0; gid= 0; gecos = "Root of all evaluation";
+      dir = "/";
+      passwd = "";
+      shell = "/bin/sh";
+    };
+    groups.root = {
+      gid = 0; usernames = ["root"];
+    };
+
    filesystem = dir {
      bin = dir {
        sh = symlink "${busybox}/bin/sh";
@ -57,8 +74,6 @@ in {
            PATH=${lib.makeBinPath config.defaultProfile.packages}
            export PATH
          '');
-        passwd = { file = "root::0:0:root:/:/bin/sh\n"; };
-        group = { file = "root::0:\n"; };
      };
      proc = dir {};
      run = dir {};
--- a/modules/users.nix
+++ b/modules/users.nix
@ -0,0 +1,26 @@
+{ lib, pkgs, config, ...}:
+let
+  inherit (lib) concatStrings concatStringsSep mapAttrsToList; # mkEnableOption mkOption types isDerivation isType hasAttr ;
+  inherit (builtins) toString;
+  inherit (pkgs.pseudofile) dir symlink;
+#  inherit (pkgs) busybox;
+  passwd-file  =
+    let lines =  mapAttrsToList (name: u: "${name}:${if u ? passwd  then u.passwd else "!!"}:${toString u.uid}:${toString u.gid}:${u.gecos}:${u.dir}:${u.shell}\n" )
+      config.users;
+    in concatStrings lines;
+  group-file =
+    let lines = mapAttrsToList
+      (name: {gid, usernames ? []}:
+        "${name}:x:${toString gid}:${concatStringsSep "," usernames}\n" )
+      config.groups;
+    in concatStrings lines;
+in {
+  config = {
+    filesystem = dir {
+      etc = dir {
+        passwd = { file = passwd-file; };
+        group = { file = group-file; };
+      };
+    };
+  };
+}