mirror of
https://github.com/NixOS/nixpkgs.git
# NixOS module for systemd-homed, the systemd home area / user account manager.
#
# Declares `services.homed.*` options and, when enabled, pulls in the upstream
# homed units, turns on userdbd, writes /etc/systemd/homed.conf and wires the
# units into the boot graph.
{
  config,
  lib,
  utils,
  ...
}:

let
  inherit (lib)
    mkDefault
    mkEnableOption
    mkIf
    mkOption
    types
    ;
  inherit (utils.systemdUtils.lib) attrsToSection;
  inherit (utils.systemdUtils.unitOptions) unitOption;

  homedCfg = config.services.homed;
in
{
  options = {
    services.homed = {
      enable = mkEnableOption "systemd home area/user account manager";

      # Defaults to true. Only controls whether systemd-homed-firstboot.service
      # is enabled (see the `systemd.services` section below).
      # NOTE(review): the conditions under which the upstream unit actually
      # prompts are not visible here; on unattended or headless hosts consider
      # setting this to false so account creation stays declarative.
      promptOnFirstBoot =
        mkEnableOption ''
          interactively prompting for user creation on first boot
        ''
        // {
          default = true;
        };

      settings = {
        # Freeform attribute set rendered into the [Home] section of
        # /etc/systemd/homed.conf. Keys are not checked against homed.conf(5)
        # by this module.
        # NOTE(review): DefaultStorage selects the backend for newly created
        # home areas and not every backend encrypts; set it explicitly when
        # encryption at rest is a requirement (confirm against homed.conf(5)).
        Home = mkOption {
          description = ''
            Options for systemd-homed. See {manpage}`homed.conf(5)` man page for
            available options.
          '';
          type = types.submodule {
            freeformType = types.attrsOf unitOption;
          };
          default = { };
          example = {
            DefaultStorage = "luks";
            DefaultFileSystemType = "btrfs";
          };
        };
      };
    };
  };

  config = mkIf homedCfg.enable {
    # Fail evaluation early unless nscd is enabled; the message states that
    # homed depends on the systemd NSS module.
    assertions = [
      {
        assertion = config.services.nscd.enable;
        message = ''
          systemd-homed requires the use of the systemd nss module.
          services.nscd.enable must be set to true.
        '';
      }
    ];

    # homed publishes SSH public keys and other user metadata through userdb,
    # so userdbd is always enabled alongside it. SSH support follows
    # `services.openssh.enable`; mkDefault keeps that overridable.
    # NOTE(review): what enableSSHSupport changes in sshd is defined by the
    # userdbd module, not in this file.
    services.userdbd = {
      enable = true;
      enableSSHSupport = mkDefault config.services.openssh.enable;
    };

    # Allow LUKS home areas to be created and mounted with every filesystem
    # that systemd-homed supports.
    boot.supportedFilesystems = [
      "btrfs"
      "ext4"
      "xfs"
    ];

    # The user-supplied settings are emitted as-is under [Home].
    environment.etc."systemd/homed.conf".text = ''
      [Home]
      ${attrsToSection homedCfg.settings.Home}
    '';

    systemd = {
      additionalUpstreamSystemUnits = [
        "systemd-homed.service"
        "systemd-homed-activate.service"
        "systemd-homed-firstboot.service"
      ];

      services = {
        systemd-homed = {
          wantedBy = [ "multi-user.target" ];
          aliases = [ "dbus-org.freedesktop.home1.service" ];
          # Filesystem tooling needed to manage home areas on LUKS storage.
          path = config.system.fsPackages;
        };

        systemd-homed-activate = {
          wantedBy = [ "systemd-homed.service" ];
        };

        # Enabled only when the first-boot prompt option is set.
        systemd-homed-firstboot = {
          wantedBy = [ "systemd-homed.service" ];
          enable = homedCfg.promptOnFirstBoot;
        };
      };
    };
  };
}