From 67e5fddc0bfe624c6b53b673582e92a28cf530f9 Mon Sep 17 00:00:00 2001
From: tv <tv@krebsco.de>
Date: Sun, 21 Feb 2016 07:39:24 +0100
Subject: [PATCH] krebs.users.krebs: init

---
 krebs/3modules/default.nix | 15 ++++++++++-----
 krebs/3modules/git.nix     |  6 ++++--
 krebs/3modules/lib.nix     |  2 +-
 krebs/4lib/default.nix     |  7 +++++--
 krebs/4lib/types.nix       | 11 ++++-------
 5 files changed, 24 insertions(+), 17 deletions(-)

diff --git a/krebs/3modules/default.nix b/krebs/3modules/default.nix
index 7a343d333..aeeabfe53 100644
--- a/krebs/3modules/default.nix
+++ b/krebs/3modules/default.nix
@@ -104,11 +104,16 @@ let
         retiolum = "hosts";
       };
 
-      krebs.users.root = {
-        home = "/root";
-        name = "root";
-        pubkey = config.krebs.build.host.ssh.pubkey;
-        uid = 0;
+      krebs.users = {
+        krebs = {
+          home = "/krebs";
+          mail = "spam@krebsco.de";
+        };
+        root = {
+          home = "/root";
+          pubkey = config.krebs.build.host.ssh.pubkey;
+          uid = 0;
+        };
       };
 
       networking.extraHosts = concatStringsSep "\n" (flatten (
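Review bot: The new `krebs` entry sets neither `pubkey` nor `uid`, and nothing at the definition says that this is deliberate. A short comment above `krebs = {` would help, for example `# account without an SSH key; default owner in krebs/4lib/types.nix`. `pubkey` falls back to `null` through the types.nix change in this patch, but the default of the `uid` option is not visible in the diff, so it is worth confirming that evaluation does not require one here. The enclosing `let` block starts and ends outside the hunk.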
diff --git a/krebs/3modules/git.nix b/krebs/3modules/git.nix
index a9542718d..0cc2f11c9 100644
--- a/krebs/3modules/git.nix
+++ b/krebs/3modules/git.nix
@@ -232,13 +232,15 @@ let
         ]) (filter (rule: rule.perm.allow-receive-ref != null) cfg.rules));
       };
 
-    users.extraUsers = singleton rec {
+    # TODO cfg.user
+    users.users.git = rec {
       description = "Git repository hosting user";
       name = "git";
       shell = "/bin/sh";
       openssh.authorizedKeys.keys =
         mapAttrsToList (_: makeAuthorizedKey git-ssh-command)
-          config.krebs.users;
+                       (filterAttrs (_: user: isString user.pubkey)
+                                    config.krebs.users);
       uid = genid name;
     };
   };
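Review bot: The `filterAttrs` on `openssh.authorizedKeys.keys` is the only thing keeping users without a key out of the git account's authorized_keys, and the code does not say so. I would add a comment above it, `# users without a pubkey (null) must not get an authorized_keys entry`, and test `user.pubkey != null` instead of `isString user.pubkey` so the predicate mirrors the `nullOr str` option type. An empty string still passes either test; whether `makeAuthorizedKey`, which is defined outside the hunk, copes with that cannot be seen here.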
diff --git a/krebs/3modules/lib.nix b/krebs/3modules/lib.nix
index b19f275b5..ccd6a6afa 100644
--- a/krebs/3modules/lib.nix
+++ b/krebs/3modules/lib.nix
@@ -10,6 +10,6 @@ let
     type = types.attrs;
   };
   imp = {
-    krebs.lib = lib // import ../4lib { inherit lib; } // builtins;
+    krebs.lib = lib // import ../4lib { inherit config lib; } // builtins;
   };
 in out
diff --git a/krebs/4lib/default.nix b/krebs/4lib/default.nix
index 8e5cab71f..e23e42b19 100644
--- a/krebs/4lib/default.nix
+++ b/krebs/4lib/default.nix
@@ -1,4 +1,4 @@
-{ lib, ... }:
+{ config, lib, ... }:
 
 with builtins;
 with lib;
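Review bot: `config` is now a required argument of `krebs/4lib/default.nix` (and of `krebs/4lib/types.nix` further down), so any importer that still passes only `{ inherit lib; }` will fail at evaluation. Only the call in `krebs/3modules/lib.nix` is updated in this patch; other importers, if any exist, are outside the diff and should be checked. A header comment such as `# config: module system config, read for option defaults in types.nix` would also make the library's new dependency on module evaluation explicit.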
@@ -15,7 +15,10 @@ let out = rec {
 
   addNames = mapAttrs addName;
 
-  types = import ./types.nix { lib = lib // { inherit genid; }; };
+  types = import ./types.nix {
+    inherit config;
+    lib = lib // { inherit genid; };
+  };
 
   dir.has-default-nix = path: pathExists (path + "/default.nix");
 
diff --git a/krebs/4lib/types.nix b/krebs/4lib/types.nix
index 7792b31d5..fcb6ff3d3 100644
--- a/krebs/4lib/types.nix
+++ b/krebs/4lib/types.nix
@@ -1,4 +1,4 @@
-{ lib, ... }:
+{ config, lib, ... }:
 
 with builtins;
 with lib;
@@ -22,11 +22,7 @@ types // rec {
 
       owner = mkOption {
         type = user;
-        # TODO proper user
-        default = {
-          name = "krebs";
-          mail = "spam@krebsco.de";
-        };
+        default = config.krebs.users.krebs;
       };
 
       extraZones = mkOption {
@@ -183,7 +179,8 @@ types // rec {
         default = config._module.args.name;
       };
       pubkey = mkOption {
-        type = str;
+        type = nullOr str;
+        default = null;
       };
       uid = mkOption {
         type = int;
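Review bot: Relaxing `pubkey` to `nullOr str` with `default = null` removes the guarantee that every entry in `krebs.users` carries a key, and only the reader in `krebs/3modules/git.nix` is adapted in this patch. Any other reader of `user.pubkey` outside the diff should be checked: string interpolation of `null` aborts evaluation, while `toString null` yields an empty string and would go unnoticed. A `description` on the option would record the contract, e.g. `description = "SSH public key, or null if the user has none.";`. The option set continues past the end of the hunk.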