{ lib, users, mods, pkgs, ... }: let machines = { "54:bf:64:5d:33:5e" = "arturgo"; "54:bf:64:5d:33:f9" = "catvayor"; "54:bf:64:5d:32:d4" = "darksysy"; "48:4d:7e:d6:fa:1e" = "empraeleerup"; "48:4d:7e:d6:cf:57" = "glohuglohu"; "54:bf:64:5d:33:7e" = "h"; "54:bf:64:5d:32:b7" = "inutile.club"; "54:bf:64:5d:33:f5" = "jimmicrosoft"; "48:4d:7e:d6:fc:e8" = "krik"; "54:bf:64:5d:31:fd" = "loony"; }; distant-users = builtins.attrValues machines; distant-users-id = builtins.genList (i: { name = builtins.elemAt distant-users i; uid = 2001 + i; }) (builtins.length distant-users); remote_sys = ( import (pkgs.path + "/nixos/lib/eval-config.nix") { system = "x86_64-linux"; specialArgs = { inherit users mods; }; modules = [ (import ./net-user/configuration.nix distant-users-id) ]; } ); remote_build = remote_sys.config.system.build; json_maker = mac: user: pkgs.writeText "netboot-${mac}.json" '' { "kernel": "/kernel", "initrd": [ "/initrd" ], "cmdline": "init=${remote_build.toplevel}/init loglevel=4 systemd.setenv=BOCAL=${user}" } ''; json_ln = mac: json: ''ln -s ${json} $out/v1/boot/${mac}''; cmds = [ "mkdir -p $out/v1/boot" "ln -s ${remote_build.kernel}/bzImage $out/kernel" "ln -s ${remote_build.netbootRamdisk}/initrd $out/initrd" ] ++ builtins.attrValues (builtins.mapAttrs json_ln (builtins.mapAttrs json_maker machines)); webroot = pkgs.runCommand "netboot-apiroot" { } (builtins.concatStringsSep "\n" cmds); in { users.groups.bocal.gid = 2000; users.users = let template = { name, uid }: { inherit name; value = { isNormalUser = true; inherit uid; shell = pkgs.zsh; group = "bocal"; homeMode = "750"; }; }; in builtins.listToAttrs (map template distant-users-id) // { bocal = { isNormalUser = true; uid = 2000; shell = pkgs.zsh; group = "bocal"; homeMode = "750"; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAA16foz+XzwKwyIR4wFgNIAE3Y7AfXyEsUZFVVz8Rie catvayor@katvayor" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCvi5VUsDrwS4XqQQfFFIx1JoRDPVdtChUQWqKFbPFtP8gH51woXiKtKRbDebL0z/EmkdYKxxIkzixHTR5xQXjo8JiFZbwldZi5IvMr3x//ad9sVyOhmbRx1DXLKjyOdWyo+w0vORvbEDu2lHktfSvhHGrvUHfFc3EY+cAl7IImgGEeGNPruAuNkN90Lth9QgwJVsdOEs9j7hwwKtpfMMETL5tkW34Nu7io03+SaPxwi2xLuWTdTklfZ7GWYtG2w/hFkzDbkW97rp5dxB1HO58cPqyRlqyfhZFpiUmWlyuMba3Tip6JarCa52IpFffEIDR0CSeh5CFPoeppo/TPDiXDie370TjjQpxJiG+9PobBhmChH5FmQ/lksffI/WimqpVO7Ixf5cYiHN5Z0mgJgZsXwI3YPICQLA8ebSKHA8+mdmkunDmCBRaBj1qEgkp/UoYqXT6BjBm07nOsnL+3SG/yfx4fLotgWtdm2mkjEAG+OGVR7G3Vk/POxn0EqX7Z+gU= sylvain@idefix" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILvGR9LIJrb9fEIuYn4DMAiyPq0gZ/J8Hv/hIcszu0Tp vincent@vincent-ZB" ]; }; }; home-manager.users.bocal = { home.stateVersion = "23.11"; imports = with mods.home; [ zsh neovim ]; programs.zsh.shellAliases = { "redac" = "/home/bocal/bin/redac"; "faire" = "redac faire"; }; }; services.pixiecore = { enable = true; openFirewall = true; dhcpNoBind = true; apiServer = "http://localhost:8000"; mode = "api"; listen = "192.168.222.1"; }; services.nfs.server = { enable = true; exports = let template = { name, uid }: "/home/${name} 192.168.222.0/24(rw,nohide,insecure,no_subtree_check,anonuid=${builtins.toString uid},anongid=2000)"; in builtins.concatStringsSep "\n" ( [ "/home/bocal 192.168.222.0/24(rw,nohide,insecure,no_subtree_check)" ] ++ map template distant-users-id ); }; services.dnsmasq = { enable = true; settings = { interface = [ "netboot-client" ]; bind-dynamic = true; dhcp-option = "3,0.0.0.0"; dhcp-range = "192.168.222.100,192.168.222.200,255.255.255.0,12h"; }; }; services.nginx = { enable = true; virtualHosts."localhost" = { listen = [ { addr = "localhost"; port = 8000; } ]; root = webroot; }; }; }