separate the settings

3 files changed, 116 insertions, 115 deletions

diff --git a/common.nix b/common.nix
index e167a01..f5ca1d3 100644
--- a/common.nix
+++ b/common.nix
@@ -15,6 +15,9 @@ in
 
       # home manager for per user config
       "${home-manager}/nixos"
+
+      # our users
+      "/data/nixos/users.nix"
   ];
 
   # This value determines the NixOS release from which the default
@@ -510,7 +513,6 @@ in
 
   # use ZSH per default
   programs.zsh.enable = true;
-  users.defaultUserShell = pkgs.zsh;
   environment.shells = with pkgs; [ zsh ];
 
   # use micro as default terminal editor
@@ -527,118 +529,4 @@ in
   security.sudo.extraConfig = ''
     Defaults lecture = never
   '';
-
-  ###
-  ### per user configuration below
-  ###
-
-  # all users and passwords are defined here
-  users.mutableUsers = false;
-
-  #
-  # administrator
-  #
-
-  users.users.root = {
-    # init password
-    hashedPassword = builtins.readFile "/data/nixos/password.secret";
-
-    # use fixed auth keys
-    openssh.authorizedKeys.keys = pkgs.lib.splitString "\n" (builtins.readFile "/data/nixos/authorized_keys.secret");
-  };
-
-  home-manager.users.root = {
-    # initial version
-    home.stateVersion = "22.11";
-
-    # basic ZSH
-    programs.zsh.enable = true;
-  };
-
-  #
-  # my main user
-  #
-
-  users.users.cullmann = {
-    # hard code UID for stability over machines
-    uid = 1000;
-
-    # normal user
-    isNormalUser = true;
-
-    # it's me :P
-    description = "Christoph Cullmann";
-
-    # allow VirtualBox and sudo for my main user
-    extraGroups = [ "vboxusers" "wheel" ];
-
-    # init password
-    hashedPassword = config.users.users.root.hashedPassword;
-
-    # use fixed auth keys
-    openssh.authorizedKeys.keys = config.users.users.root.openssh.authorizedKeys.keys;
-  };
-
-  home-manager.users.cullmann = {
-    # initial version
-    home.stateVersion = "22.11";
-
-    # ZSH with some nice prompt and extra main user configuration
-    programs.zsh = {
-      # zsh with extras wanted
-      enable = true;
-      enableCompletion = true;
-      autosuggestion.enable = true;
-      history.share = false;
-      syntaxHighlighting.enable = true;
-
-      # aliases
-      shellAliases = {
-        # system build/update/cleanup
-        update = "sudo TMPDIR=/var/cache/nix nixos-rebuild boot";
-        upgrade = "sudo TMPDIR=/var/cache/nix nixos-rebuild boot --upgrade";
-        updatenow = "sudo TMPDIR=/var/cache/nix nixos-rebuild switch";
-        upgradenow = "sudo TMPDIR=/var/cache/nix nixos-rebuild switch --upgrade";
-        gc = "sudo nix-collect-garbage --delete-older-than 7d";
-        verify = "sudo nix --extra-experimental-features nix-command store verify --all";
-        optimize = "sudo nix --extra-experimental-features nix-command store optimise";
-
-        # overwrite some tools
-        cat = "bat";
-        ls = "lsd";
-
-        # ssh around in the local network
-        mac = "ssh mac.fritz.box";
-        macroot = "ssh root@mac.fritz.box";
-        mini = "ssh mini.fritz.box";
-        miniroot = "ssh root@mini.fritz.box";
-        neko = "ssh neko.fritz.box";
-        nekoroot = "ssh root@neko.fritz.box";
-      };
-    };
-
-    # nice prompt
-    programs.oh-my-posh = {
-      enable = true;
-      useTheme = "slim";
-    };
-
-    # nice cd
-    programs.zoxide = {
-      enable = true;
-      options = [ "--cmd" "cd" ];
-    };
-
-    # enable keychain
-    programs.keychain = {
-      enable = true;
-      keys = [ "id_ed25519" ];
-    };
-
-    # https://github.com/nix-community/nix-direnv
-    programs.direnv = {
-      enable = true;
-      nix-direnv.enable = true;
-    };
-  };
 }
diff --git a/home.nix b/home.nix
new file mode 100644
index 0000000..8b2eb73
--- /dev/null
+++ b/home.nix
@@ -0,0 +1,62 @@
+{
+  # initial version
+  home.stateVersion = "22.11";
+
+  # ZSH with some nice prompt and extra main user configuration
+  programs.zsh = {
+    # zsh with extras wanted
+    enable = true;
+    enableCompletion = true;
+    autosuggestion.enable = true;
+    history.share = false;
+    syntaxHighlighting.enable = true;
+
+    # aliases
+    shellAliases = {
+      # system build/update/cleanup
+      update = "sudo TMPDIR=/var/cache/nix nixos-rebuild boot";
+      upgrade = "sudo TMPDIR=/var/cache/nix nixos-rebuild boot --upgrade";
+      updatenow = "sudo TMPDIR=/var/cache/nix nixos-rebuild switch";
+      upgradenow = "sudo TMPDIR=/var/cache/nix nixos-rebuild switch --upgrade";
+      gc = "sudo nix-collect-garbage --delete-older-than 7d";
+      verify = "sudo nix --extra-experimental-features nix-command store verify --all";
+      optimize = "sudo nix --extra-experimental-features nix-command store optimise";
+
+      # overwrite some tools
+      cat = "bat";
+      ls = "lsd";
+
+      # ssh around in the local network
+      mac = "ssh mac.fritz.box";
+      macroot = "ssh root@mac.fritz.box";
+      mini = "ssh mini.fritz.box";
+      miniroot = "ssh root@mini.fritz.box";
+      neko = "ssh neko.fritz.box";
+      nekoroot = "ssh root@neko.fritz.box";
+    };
+  };
+
+  # nice prompt
+  programs.oh-my-posh = {
+    enable = true;
+    useTheme = "slim";
+  };
+
+  # nice cd
+  programs.zoxide = {
+    enable = true;
+    options = [ "--cmd" "cd" ];
+  };
+
+  # enable keychain, we use the main user key
+  programs.keychain = {
+    enable = true;
+    keys = [ "/home/cullmann/.ssh/id_ed25519" ];
+  };
+
+  # https://github.com/nix-community/nix-direnv
+  programs.direnv = {
+    enable = true;
+    nix-direnv.enable = true;
+  };
+}
diff --git a/users.nix b/users.nix
new file mode 100644
index 0000000..44c5283
--- /dev/null
+++ b/users.nix
@@ -0,0 +1,51 @@
+{ config, pkgs, ... }:
+
+{
+  users = {
+    # all users and passwords are defined here
+    mutableUsers = false;
+
+    # default shell is ZSH
+    defaultUserShell = pkgs.zsh;
+
+    #
+    # administrator
+    #
+
+    users.root = {
+      # init password
+      hashedPassword = builtins.readFile "/data/nixos/password.secret";
+
+      # use fixed auth keys
+      openssh.authorizedKeys.keys = pkgs.lib.splitString "\n" (builtins.readFile "/data/nixos/authorized_keys.secret");
+    };
+
+    #
+    # my main user
+    #
+
+    users.cullmann = {
+      # hard code UID for stability over machines
+      uid = 1000;
+
+      # normal user
+      isNormalUser = true;
+
+      # it's me :P
+      description = "Christoph Cullmann";
+
+      # allow VirtualBox and sudo for my main user
+      extraGroups = [ "vboxusers" "wheel" ];
+
+      # init password
+      hashedPassword = config.users.users.root.hashedPassword;
+
+      # use fixed auth keys
+      openssh.authorizedKeys.keys = config.users.users.root.openssh.authorizedKeys.keys;
+    };
+  };
+
+  # use shared home manager settings for all users
+  home-manager.users.root = import ./home.nix;
+  home-manager.users.cullmann = import ./home.nix;
+}