From 4c1f3c4de6d1ad86f4404a93779a1597cb944960 Mon Sep 17 00:00:00 2001 From: Aleksandr Lebedev Date: Tue, 28 Apr 2026 18:10:34 +0200 Subject: [PATCH] Mediamanager + update --- flake.lock | 92 ++++++++++---------- modules/nixos/users/mediamanager/default.nix | 43 +++++++++ systems/x86_64-linux/stargate/default.nix | 5 ++ 3 files changed, 94 insertions(+), 46 deletions(-) create mode 100644 modules/nixos/users/mediamanager/default.nix diff --git a/flake.lock b/flake.lock index 8d2ea83..89c610d 100644 --- a/flake.lock +++ b/flake.lock @@ -25,11 +25,11 @@ }, "crane": { "locked": { - "lastModified": 1773189535, - "narHash": "sha256-E1G/Or6MWeP+L6mpQ0iTFLpzSzlpGrITfU2220Gq47g=", + "lastModified": 1777242778, + "narHash": "sha256-VWTeqWeb8Sel/QiWyaPvCa9luAbcGawR+Rw09FJoHz0=", "owner": "ipetkov", "repo": "crane", - "rev": "6fa2fb4cf4a89ba49fc9dd5a3eb6cde99d388269", + "rev": "ad8b31ad0ba8448bd958d7a5d50d811dc5d271c0", "type": "github" }, "original": { @@ -90,11 +90,11 @@ ] }, "locked": { - "lastModified": 1773889306, - "narHash": "sha256-PAqwnsBSI9SVC2QugvQ3xeYCB0otOwCacB1ueQj2tgw=", + "lastModified": 1776613567, + "narHash": "sha256-gC9Cp5ibBmGD5awCA9z7xy6MW6iJufhazTYJOiGlCUI=", "owner": "nix-community", "repo": "disko", - "rev": "5ad85c82cc52264f4beddc934ba57f3789f28347", + "rev": "32f4236bfc141ae930b5ba2fb604f561fed5219d", "type": "github" }, "original": { @@ -510,11 +510,11 @@ "rust-overlay": "rust-overlay_2" }, "locked": { - "lastModified": 1776248416, - "narHash": "sha256-TC6yzbCAex1pDfqUZv9u8fVm8e17ft5fNrcZ0JRDOIQ=", + "lastModified": 1777299656, + "narHash": "sha256-c0r3xXp2+xFJwkryS+nhyQwoACbFzSt4C1TVs3QMh8E=", "owner": "nix-community", "repo": "lanzaboote", - "rev": "18e9e64bae15b828c092658335599122a6db939b", + "rev": "079c608988c2747db3902c9de033572cd50e8656", "type": "github" }, "original": { @@ -525,11 +525,11 @@ }, "master": { "locked": { - "lastModified": 1776539545, - "narHash": "sha256-P284MQuisNzLK0wihII0L6yorAIF9XfrvmH9L7gcyzo=", + "lastModified": 1777391665, + "narHash": "sha256-xl/kkSSRdFJciJVCm8roSXznxynI4lTXhCois9i+qdA=", "owner": "nixos", "repo": "nixpkgs", - "rev": "8c8c8dc85ede4126aee1ae7b727bf1576860fcf9", + "rev": "ea4c20b1d2b03b6eaf189013cdeed44c1bedfe93", "type": "github" }, "original": { @@ -617,11 +617,11 @@ }, "nixos-hardware": { "locked": { - "lastModified": 1775490113, - "narHash": "sha256-2ZBhDNZZwYkRmefK5XLOusCJHnoeKkoN95hoSGgMxWM=", + "lastModified": 1776983936, + "narHash": "sha256-ZOQyNqSvJ8UdrrqU1p7vaFcdL53idK+LOM8oRWEWh6o=", "owner": "NixOS", "repo": "nixos-hardware", - "rev": "c775c2772ba56e906cbeb4e0b2db19079ef11ff7", + "rev": "2096f3f411ce46e88a79ae4eafcfc9df8ed41c61", "type": "github" }, "original": { @@ -637,11 +637,11 @@ "nixpkgs": "nixpkgs_4" }, "locked": { - "lastModified": 1776255237, - "narHash": "sha256-LQjlc0VEn55WAT4BiI8sIsokb/2FNlcbBD+Xr3MTE24=", + "lastModified": 1776910211, + "narHash": "sha256-0ku3gW8bZ9TTpEU2fQw86oU6ZLT2vF6pacF+cLaf7VY=", "owner": "nix-community", "repo": "NixOS-WSL", - "rev": "9a8c2a85f1ffdcecfb0f9c52c5a73c49ceb43911", + "rev": "4e6cad241baa0115a7aae8c55b04c166da4997c9", "type": "github" }, "original": { @@ -685,11 +685,11 @@ }, "nixpkgs_3": { "locked": { - "lastModified": 1773389992, - "narHash": "sha256-wvfdLLWJ2I9oEpDd9PfMA8osfIZicoQ5MT1jIwNs9Tk=", + "lastModified": 1776877367, + "narHash": "sha256-EHq1/OX139R1RvBzOJ0aMRT3xnWyqtHBRUBuO1gFzjI=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "c06b4ae3d6599a672a6210b7021d699c351eebda", + "rev": "0726a0ecb6d4e08f6adced58726b95db924cef57", "type": "github" }, "original": { @@ -701,11 +701,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1773734432, - "narHash": "sha256-IF5ppUWh6gHGHYDbtVUyhwy/i7D261P7fWD1bPefOsw=", + "lastModified": 1776169885, + "narHash": "sha256-l/iNYDZ4bGOAFQY2q8y5OAfBBtrDAaPuRQqWaFHVRXM=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "cda48547b432e8d3b18b4180ba07473762ec8558", + "rev": "4bd9165a9165d7b5e33ae57f3eecbcb28fb231c9", "type": "github" }, "original": { @@ -717,11 +717,11 @@ }, "nixpkgs_5": { "locked": { - "lastModified": 1776434932, - "narHash": "sha256-gyqXNMgk3sh+ogY5svd2eNLJ6oEwzbAeaoBrrxD0lKk=", + "lastModified": 1777077449, + "narHash": "sha256-AIiMJiqvGrN4HyLEbKAoCSRRYn0rnlW5VbKNIMIYqm4=", "owner": "nixos", "repo": "nixpkgs", - "rev": "c7f47036d3df2add644c46d712d14262b7d86c0c", + "rev": "a4bf06618f0b5ee50f14ed8f0da77d34ecc19160", "type": "github" }, "original": { @@ -757,11 +757,11 @@ ] }, "locked": { - "lastModified": 1772893680, - "narHash": "sha256-JDqZMgxUTCq85ObSaFw0HhE+lvdOre1lx9iI6vYyOEs=", + "lastModified": 1776796298, + "narHash": "sha256-PcRvlWayisPSjd0UcRQbhG8Oqw78AcPE6x872cPRHN8=", "owner": "cachix", "repo": "pre-commit-hooks.nix", - "rev": "8baab586afc9c9b57645a734c820e4ac0a604af9", + "rev": "3cfd774b0a530725a077e17354fbdb87ea1c4aad", "type": "github" }, "original": { @@ -779,11 +779,11 @@ ] }, "locked": { - "lastModified": 1775585728, - "narHash": "sha256-8Psjt+TWvE4thRKktJsXfR6PA/fWWsZ04DVaY6PUhr4=", + "lastModified": 1776796298, + "narHash": "sha256-PcRvlWayisPSjd0UcRQbhG8Oqw78AcPE6x872cPRHN8=", "owner": "cachix", "repo": "git-hooks.nix", - "rev": "580633fa3fe5fc0379905986543fd7495481913d", + "rev": "3cfd774b0a530725a077e17354fbdb87ea1c4aad", "type": "github" }, "original": { @@ -843,11 +843,11 @@ ] }, "locked": { - "lastModified": 1773544328, - "narHash": "sha256-Iv+qez54LAz+isij4APBk31VWA//Go81hwFOXr5iWTw=", + "lastModified": 1777173302, + "narHash": "sha256-ERiu3cbxvnTDxiDcimRA7af7xp6x1y0sRyLGm28Qzz8=", "owner": "oxalica", "repo": "rust-overlay", - "rev": "4f977d776793c8bfbfdd7eca7835847ccc48874e", + "rev": "aaec8c50baeaf2f2ba653e8aae71778a2bbbac94", "type": "github" }, "original": { @@ -906,11 +906,11 @@ "nixpkgs": "nixpkgs_6" }, "locked": { - "lastModified": 1776119890, - "narHash": "sha256-Zm6bxLNnEOYuS/SzrAGsYuXSwk3cbkRQZY0fJnk8a5M=", + "lastModified": 1777338324, + "narHash": "sha256-bc+ZZCmOTNq86/svGnw0tVpH7vJaLYvGLLKFYP08Q8E=", "owner": "Mic92", "repo": "sops-nix", - "rev": "d4971dd58c6627bfee52a1ad4237637c0a2fb0cd", + "rev": "8eaee5c45428b28b8c47a83e4c09dccec5f279b5", "type": "github" }, "original": { @@ -1023,11 +1023,11 @@ }, "unstable": { "locked": { - "lastModified": 1776169885, - "narHash": "sha256-l/iNYDZ4bGOAFQY2q8y5OAfBBtrDAaPuRQqWaFHVRXM=", + "lastModified": 1777268161, + "narHash": "sha256-bxrdOn8SCOv8tN4JbTF/TXq7kjo9ag4M+C8yzzIRYbE=", "owner": "nixos", "repo": "nixpkgs", - "rev": "4bd9165a9165d7b5e33ae57f3eecbcb28fb231c9", + "rev": "1c3fe55ad329cbcb28471bb30f05c9827f724c76", "type": "github" }, "original": { @@ -1062,11 +1062,11 @@ ] }, "locked": { - "lastModified": 1776788870, - "narHash": "sha256-2sRcPiXRDUY8utqMwn4RMR11gjzOqDnMoWEdrthEXUQ=", + "lastModified": 1777118670, + "narHash": "sha256-Z5d/4r1/vU+yxtPo61EVfQiqtt/prpey+0xwTWj9ZBE=", "ref": "refs/heads/master", - "rev": "d5b4b34aba2b43388659b4ffa8c3b022da1c58c1", - "revCount": 20, + "rev": "ac7fe11fb9843cee74825419faf709d429cfc48d", + "revCount": 21, "type": "git", "url": "https://git.kylekrein.com/kylekrein/website.git" }, diff --git a/modules/nixos/users/mediamanager/default.nix b/modules/nixos/users/mediamanager/default.nix new file mode 100644 index 0000000..733c8e0 --- /dev/null +++ b/modules/nixos/users/mediamanager/default.nix @@ -0,0 +1,43 @@ +{ + lib, + pkgs, + inputs, + namespace, + system, + target, + format, + virtual, + systems, + config, + ... +}: +with lib; +with lib.${namespace}; let + username = "mediamanager"; + admin = false; + extraGroups = ["mediamanager"]; + trustedSshKeys = [ + #KK + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIF1gj+j+09T8n2HjpBod13WGroWn1cLmNUDmQfGVZllM kylekrein@fleetcarrier" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPx+q1QnVnF/bG02Q8eBjwKEX9li2ZrsJmmN+N/7Sl5Z kylekrein@anaconda" + #A + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICTZaLuOuuoeaYOuXH0KTe91X5nFfUvve3305ADajnvj alidrisel@localhost.localdomain" + ]; + + cfg = config.${namespace}.users.${username}; +in { + options.${namespace}.users.${username} = with types; { + enable = mkBoolOpt false "Enable ${username} user"; + config = mkOpt types.attrs {} "Additional home manager config for ${username}"; + }; + + config = mkUser { + inherit config; + inherit (cfg) enable; + homeConfig = cfg.config; + inherit username; + inherit admin; + inherit extraGroups; + inherit trustedSshKeys; + }; +} diff --git a/systems/x86_64-linux/stargate/default.nix b/systems/x86_64-linux/stargate/default.nix index e13abe3..392c27d 100644 --- a/systems/x86_64-linux/stargate/default.nix +++ b/systems/x86_64-linux/stargate/default.nix @@ -139,6 +139,11 @@ in { enable = true; config = {}; }; + users.groups.mediamanager = {}; + custom.users.mediamanager = { + enable = true; + config = {}; + }; networking.firewall.allowedTCPPorts = [80 443 22]; # ======================== DO NOT CHANGE THIS ======================== system.stateVersion = "25.05";