pyrox.dev / nixpkgs
lol
fork atom

Rename users.extraUsers -> users.users, users.extraGroup -> users.groups

The "extra" part hasn't made sense for years.

Eelco Dolstra 14321ae2 dc5bf39b

options
unified split
Changed files
+19 -17
nixos
modules
config
users-groups.nix
rename.nix
services
networking
ssh
sshd.nix
+16 -16
nixos/modules/config/users-groups.nix 
···

       
336

       
 

       
    map (range: "${user.name}:${toString range.startUid}:${toString range.count}\n")


     

       
337

       
 

       
      user.subUidRanges);


     

       
338

       
 

       



     

       
339

       
-

       
  subuidFile = concatStrings (map mkSubuidEntry (attrValues cfg.extraUsers));


     

       
340

       
 

       



     

       
341

       
 

       
  mkSubgidEntry = user: concatStrings (


     

       
342

       
 

       
    map (range: "${user.name}:${toString range.startGid}:${toString range.count}\n")


     

       
343

       
 

       
        user.subGidRanges);


     

       
344

       
 

       



     

       
345

       
-

       
  subgidFile = concatStrings (map mkSubgidEntry (attrValues cfg.extraUsers));


     

       
346

       
 

       



     

       
347

       
 

       
  idsAreUnique = set: idAttr: !(fold (name: args@{ dup, acc }:


     

       
348

       
 

       
    let


     
···

       
354

       
 

       
      else { dup = false; acc = newAcc; }


     

       
355

       
 

       
    ) { dup = false; acc = {}; } (builtins.attrNames set)).dup;


     

       
356

       
 

       



     

       
357

       
-

       
  uidsAreUnique = idsAreUnique (filterAttrs (n: u: u.uid != null) cfg.extraUsers) "uid";


     

       
358

       
-

       
  gidsAreUnique = idsAreUnique (filterAttrs (n: g: g.gid != null) cfg.extraGroups) "gid";


     

       
359

       
 

       



     

       
360

       
 

       
  spec = pkgs.writeText "users-groups.json" (builtins.toJSON {


     

       
361

       
 

       
    inherit (cfg) mutableUsers;


     
···

       
364

       
 

       
          name uid group description home shell createHome isSystemUser


     

       
365

       
 

       
          password passwordFile hashedPassword


     

       
366

       
 

       
          initialPassword initialHashedPassword;


     

       
367

       
-

       
      }) cfg.extraUsers;


     

       
368

       
 

       
    groups = mapAttrsToList (n: g:


     

       
369

       
 

       
      { inherit (g) name gid;


     

       
370

       
 

       
        members = g.members ++ (mapAttrsToList (n: u: u.name) (


     

       
371

       
-

       
          filterAttrs (n: u: elem g.name u.extraGroups) cfg.extraUsers


     

       
372

       
 

       
        ));


     

       
373

       
-

       
      }) cfg.extraGroups;


     

       
374

       
 

       
  });


     

       
375

       
 

       



     

       
376

       
 

       
in {


     
···

       
388

       
 

       
        <literal>groupadd</literal> commands. On system activation, the


     

       
389

       
 

       
        existing contents of the <literal>/etc/passwd</literal> and


     

       
390

       
 

       
        <literal>/etc/group</literal> files will be merged with the


     

       
391

       
-

       
        contents generated from the <literal>users.extraUsers</literal> and


     

       
392

       
-

       
        <literal>users.extraGroups</literal> options.


     

       
393

       
 

       
        The initial password for a user will be set


     

       
394

       
-

       
        according to <literal>users.extraUsers</literal>, but existing passwords


     

       
395

       
 

       
        will not be changed.


     

       
396

       
 

       



     

       
397

       
 

       
        <warning><para>


     
···

       
399

       
 

       
        group files will simply be replaced on system activation. This also


     

       
400

       
 

       
        holds for the user passwords; all changed


     

       
401

       
 

       
        passwords will be reset according to the


     

       
402

       
-

       
        <literal>users.extraUsers</literal> configuration on activation.


     

       
403

       
 

       
        </para></warning>


     

       
404

       
 

       
      '';


     

       
405

       
 

       
    };


     
···

       
412

       
 

       
      '';


     

       
413

       
 

       
    };


     

       
414

       
 

       



     

       
415

       
-

       
    users.extraUsers = mkOption {


     

       
416

       
 

       
      default = {};


     

       
417

       
 

       
      type = types.loaOf types.optionSet;


     

       
418

       
 

       
      example = {


     
···

       
433

       
 

       
      options = [ userOpts ];


     

       
434

       
 

       
    };


     

       
435

       
 

       



     

       
436

       
-

       
    users.extraGroups = mkOption {


     

       
437

       
 

       
      default = {};


     

       
438

       
 

       
      example =


     

       
439

       
 

       
        { students.gid = 1001;


     
···

       
461

       
 

       



     

       
462

       
 

       
  config = {


     

       
463

       
 

       



     

       
464

       
-

       
    users.extraUsers = {


     

       
465

       
 

       
      root = {


     

       
466

       
 

       
        uid = ids.uids.root;


     

       
467

       
 

       
        description = "System administrator";


     
···

       
478

       
 

       
      };


     

       
479

       
 

       
    };


     

       
480

       
 

       



     

       
481

       
-

       
    users.extraGroups = {


     

       
482

       
 

       
      root.gid = ids.gids.root;


     

       
483

       
 

       
      wheel.gid = ids.gids.wheel;


     

       
484

       
 

       
      disk.gid = ids.gids.disk;


     
···

       
541

       
 

       
             || cfg.passwordFile != null


     

       
542

       
 

       
             || cfg.openssh.authorizedKeys.keys != []


     

       
543

       
 

       
             || cfg.openssh.authorizedKeys.keyFiles != [])


     

       
544

       
-

       
          ) cfg.extraUsers);


     

       
545

       
 

       
        message = ''


     

       
546

       
 

       
          Neither the root account nor any wheel user has a password or SSH authorized key.


     

       
547

       
 

       
          You must set one to prevent being locked out of your system.'';


     
···

       
336

       
 

       
    map (range: "${user.name}:${toString range.startUid}:${toString range.count}\n")


     

       
337

       
 

       
      user.subUidRanges);


     

       
338

       
 

       



     

       
339

       
+

       
  subuidFile = concatStrings (map mkSubuidEntry (attrValues cfg.users));


     

       
340

       
 

       



     

       
341

       
 

       
  mkSubgidEntry = user: concatStrings (


     

       
342

       
 

       
    map (range: "${user.name}:${toString range.startGid}:${toString range.count}\n")


     

       
343

       
 

       
        user.subGidRanges);


     

       
344

       
 

       



     

       
345

       
+

       
  subgidFile = concatStrings (map mkSubgidEntry (attrValues cfg.users));


     

       
346

       
 

       



     

       
347

       
 

       
  idsAreUnique = set: idAttr: !(fold (name: args@{ dup, acc }:


     

       
348

       
 

       
    let


     
···

       
354

       
 

       
      else { dup = false; acc = newAcc; }


     

       
355

       
 

       
    ) { dup = false; acc = {}; } (builtins.attrNames set)).dup;


     

       
356

       
 

       



     

       
357

       
+

       
  uidsAreUnique = idsAreUnique (filterAttrs (n: u: u.uid != null) cfg.users) "uid";


     

       
358

       
+

       
  gidsAreUnique = idsAreUnique (filterAttrs (n: g: g.gid != null) cfg.groups) "gid";


     

       
359

       
 

       



     

       
360

       
 

       
  spec = pkgs.writeText "users-groups.json" (builtins.toJSON {


     

       
361

       
 

       
    inherit (cfg) mutableUsers;


     
···

       
364

       
 

       
          name uid group description home shell createHome isSystemUser


     

       
365

       
 

       
          password passwordFile hashedPassword


     

       
366

       
 

       
          initialPassword initialHashedPassword;


     

       
367

       
+

       
      }) cfg.users;


     

       
368

       
 

       
    groups = mapAttrsToList (n: g:


     

       
369

       
 

       
      { inherit (g) name gid;


     

       
370

       
 

       
        members = g.members ++ (mapAttrsToList (n: u: u.name) (


     

       
371

       
+

       
          filterAttrs (n: u: elem g.name u.extraGroups) cfg.users


     

       
372

       
 

       
        ));


     

       
373

       
+

       
      }) cfg.groups;


     

       
374

       
 

       
  });


     

       
375

       
 

       



     

       
376

       
 

       
in {


     
···

       
388

       
 

       
        <literal>groupadd</literal> commands. On system activation, the


     

       
389

       
 

       
        existing contents of the <literal>/etc/passwd</literal> and


     

       
390

       
 

       
        <literal>/etc/group</literal> files will be merged with the


     

       
391

       
+

       
        contents generated from the <literal>users.users</literal> and


     

       
392

       
+

       
        <literal>users.groups</literal> options.


     

       
393

       
 

       
        The initial password for a user will be set


     

       
394

       
+

       
        according to <literal>users.users</literal>, but existing passwords


     

       
395

       
 

       
        will not be changed.


     

       
396

       
 

       



     

       
397

       
 

       
        <warning><para>


     
···

       
399

       
 

       
        group files will simply be replaced on system activation. This also


     

       
400

       
 

       
        holds for the user passwords; all changed


     

       
401

       
 

       
        passwords will be reset according to the


     

       
402

       
+

       
        <literal>users.users</literal> configuration on activation.


     

       
403

       
 

       
        </para></warning>


     

       
404

       
 

       
      '';


     

       
405

       
 

       
    };


     
···

       
412

       
 

       
      '';


     

       
413

       
 

       
    };


     

       
414

       
 

       



     

       
415

       
+

       
    users.users = mkOption {


     

       
416

       
 

       
      default = {};


     

       
417

       
 

       
      type = types.loaOf types.optionSet;


     

       
418

       
 

       
      example = {


     
···

       
433

       
 

       
      options = [ userOpts ];


     

       
434

       
 

       
    };


     

       
435

       
 

       



     

       
436

       
+

       
    users.groups = mkOption {


     

       
437

       
 

       
      default = {};


     

       
438

       
 

       
      example =


     

       
439

       
 

       
        { students.gid = 1001;


     
···

       
461

       
 

       



     

       
462

       
 

       
  config = {


     

       
463

       
 

       



     

       
464

       
+

       
    users.users = {


     

       
465

       
 

       
      root = {


     

       
466

       
 

       
        uid = ids.uids.root;


     

       
467

       
 

       
        description = "System administrator";


     
···

       
478

       
 

       
      };


     

       
479

       
 

       
    };


     

       
480

       
 

       



     

       
481

       
+

       
    users.groups = {


     

       
482

       
 

       
      root.gid = ids.gids.root;


     

       
483

       
 

       
      wheel.gid = ids.gids.wheel;


     

       
484

       
 

       
      disk.gid = ids.gids.disk;


     
···

       
541

       
 

       
             || cfg.passwordFile != null


     

       
542

       
 

       
             || cfg.openssh.authorizedKeys.keys != []


     

       
543

       
 

       
             || cfg.openssh.authorizedKeys.keyFiles != [])


     

       
544

       
+

       
          ) cfg.users);


     

       
545

       
 

       
        message = ''


     

       
546

       
 

       
          Neither the root account nor any wheel user has a password or SSH authorized key.


     

       
547

       
 

       
          You must set one to prevent being locked out of your system.'';
+2
nixos/modules/rename.nix 
···

       
77

       
 

       
++ obsolete [ "environment" "nix" ] [ "nix" "package" ]


     

       
78

       
 

       
++ obsolete [ "fonts" "enableFontConfig" ] [ "fonts" "fontconfig" "enable" ]


     

       
79

       
 

       
++ obsolete [ "fonts" "extraFonts" ] [ "fonts" "fonts" ]


     

       

       

       
     

       

       

       
     

       
80

       
 

       



     

       
81

       
 

       
++ obsolete [ "security" "extraSetuidPrograms" ] [ "security" "setuidPrograms" ]


     

       
82

       
 

       
++ obsolete [ "networking" "enableWLAN" ] [ "networking" "wireless" "enable" ]


     
···

       
77

       
 

       
++ obsolete [ "environment" "nix" ] [ "nix" "package" ]


     

       
78

       
 

       
++ obsolete [ "fonts" "enableFontConfig" ] [ "fonts" "fontconfig" "enable" ]


     

       
79

       
 

       
++ obsolete [ "fonts" "extraFonts" ] [ "fonts" "fonts" ]


     

       
80

       
+

       
++ alias [ "users" "extraUsers" ] [ "users" "users" ]


     

       
81

       
+

       
++ alias [ "users" "extraGroups" ] [ "users" "groups" ]


     

       
82

       
 

       



     

       
83

       
 

       
++ obsolete [ "security" "extraSetuidPrograms" ] [ "security" "setuidPrograms" ]


     

       
84

       
 

       
++ obsolete [ "networking" "enableWLAN" ] [ "networking" "wireless" "enable" ]
+1 -1
nixos/modules/services/networking/ssh/sshd.nix 
···

       
214

       
 

       



     

       
215

       
 

       
    };


     

       
216

       
 

       



     

       
217

       
-

       
    users.extraUsers = mkOption {


     

       
218

       
 

       
      options = [ userOptions ];


     

       
219

       
 

       
    };


     

       
220

       
 

       



     
···

       
214

       
 

       



     

       
215

       
 

       
    };


     

       
216

       
 

       



     

       
217

       
+

       
    users.users = mkOption {


     

       
218

       
 

       
      options = [ userOptions ];


     

       
219

       
 

       
    };


     

       
220