~kaction/config

ref: 871614e344d8ece5ad973fd71d112e24c2a35586 config/system-v2/default.nix -rw-r--r-- 1.4 KiB
871614e3 — Dmitry Bogatov nix-sys: add "kaction" user into "video" group 8 months ago
                                                                                
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
{ nix-sys, writeText, stdenv, universe-key, callPackage, doas }:
let
  inherit (universe-key) decrypt;
  symlink = path: {
    action = "symlink";
    inherit path;
  };
  symlink' = expr: symlink (callPackage expr { });
  touch = {
    path = writeText "empty.txt" "";
    action = "copy";
    mode = "000";
  };
  suid = path: {
    action = "copy";
    mode = "4555";
    inherit path;
  };
  manifest = self: {
    "/etc/group" = symlink ./group;
    "/etc/gshadow" = { action = "unlink"; };
    "/etc/hosts" = symlink' ./hosts.nix;
    "/etc/doas.conf" = symlink ./doas.conf;
    "/etc/local/loadkeys.start" = symlink' ./tty-keymap.nix;
    "/etc/nix/nix.conf" = symlink ./nix.conf;
    "/etc/nsswitch.conf" = symlink ./nsswitch.conf;
    "/etc/passwd" = symlink ./passwd;
    "/etc/runit/runsvdir/default/nix-daemon" = symlink' ./nix-daemon/runit.nix;
    "/etc/runit/runsvdir/default/openvpn" = symlink' ./openvpn;
    "/etc/resolv.conf" = {
      path = ./openvpn/resolv.conf;
      action = "copy";
      mode = "444";
    };
    "/etc/shadow" = symlink (decrypt ./shadow.enchive);
    "/etc/sysctl.conf" = symlink ./sysctl.conf;

    "/etc/runit/runsvdir/default/activate" =
      symlink (callPackage ./activate { manifest = self; });

    "/var/log/runit/activate/.keep" = touch;
    "/usr/local/bin/doas" = suid "${doas}/bin/doas";
    "/etc/xbps.d/xbps.conf" = symlink ./xbps.conf;
  };
in nix-sys.override { manifest = stdenv.lib.fix manifest; }