2009-05-28 16:37:30 +02:00
|
|
|
{pkgs, config, ...}:
|
|
|
|
|
2009-01-09 01:23:07 +01:00
|
|
|
let
|
2009-05-28 16:37:30 +02:00
|
|
|
inherit (pkgs.lib) mkOption;
|
2009-01-09 01:23:07 +01:00
|
|
|
|
|
|
|
options = {
|
|
|
|
services = {
|
|
|
|
guestUsers = {
|
|
|
|
enable = mkOption {
|
|
|
|
default = false;
|
|
|
|
description = "
|
|
|
|
Whether to enable automatic addition of users with empty passwords
|
|
|
|
";
|
|
|
|
};
|
|
|
|
users = mkOption {
|
|
|
|
default = ["guest"];
|
|
|
|
description = "
|
|
|
|
List of usernames to add
|
|
|
|
";
|
|
|
|
};
|
|
|
|
includeRoot = mkOption {
|
|
|
|
default = false;
|
|
|
|
description = "
|
|
|
|
LEAVE THAT ALONE; whether to reset root password
|
|
|
|
";
|
|
|
|
};
|
|
|
|
extraGroups = mkOption {
|
|
|
|
default = ["audio"];
|
|
|
|
description = "
|
|
|
|
Extra groups to grant
|
|
|
|
";
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
|
|
|
};
|
2009-05-28 16:57:31 +02:00
|
|
|
|
|
|
|
inherit (pkgs.lib) concatStringsSep optionalString;
|
2009-01-09 01:23:07 +01:00
|
|
|
|
2009-05-28 16:57:31 +02:00
|
|
|
cfg = config.services.guestUsers;
|
2009-01-09 01:23:07 +01:00
|
|
|
|
|
|
|
userEntry = user:
|
|
|
|
{
|
|
|
|
name = user;
|
|
|
|
description = "NixOS guest user";
|
|
|
|
home = "/home/${user}";
|
|
|
|
createHome = true;
|
|
|
|
group = "users";
|
2009-05-28 16:57:31 +02:00
|
|
|
extraGroups = cfg.extraGroups;
|
2009-01-09 01:23:07 +01:00
|
|
|
shell = "/bin/sh";
|
|
|
|
};
|
|
|
|
|
2009-05-28 16:57:31 +02:00
|
|
|
nameString = (concatStringsSep " " cfg.users) + optionalString cfg.includeRoot " root";
|
2009-01-09 01:23:07 +01:00
|
|
|
|
|
|
|
in
|
|
|
|
|
2009-05-28 16:57:31 +02:00
|
|
|
pkgs.lib.mkIf cfg.enable {
|
2009-01-09 01:23:07 +01:00
|
|
|
require = options;
|
2009-05-28 16:37:30 +02:00
|
|
|
|
2009-05-28 16:57:31 +02:00
|
|
|
system.activationScripts = {
|
|
|
|
|
|
|
|
clearPasswords = pkgs.lib.fullDepEntry
|
|
|
|
''
|
|
|
|
for i in ${nameString}; do
|
|
|
|
echo | ${pkgs.pwdutils}/bin/passwd --stdin $i
|
|
|
|
done
|
|
|
|
'' ["defaultPath" "users" "groups"];
|
|
|
|
|
|
|
|
};
|
2009-05-28 16:37:30 +02:00
|
|
|
|
2009-05-28 16:57:31 +02:00
|
|
|
services.mingetty.helpLine = "\nThese users have empty passwords: ${nameString}";
|
2009-05-28 16:37:30 +02:00
|
|
|
|
2009-05-28 16:57:31 +02:00
|
|
|
users.extraUsers = map userEntry cfg.users;
|
2009-01-09 01:23:07 +01:00
|
|
|
}
|