* Options users.extraUsers and users.extraGroups to specify additional

users and groups that the system should create automatically.

svn path=/nixos/trunk/; revision=9705

helpers/create-users-groups.sh

@@ -26,6 +26,7 @@ cat "$1" | while true; do
     read extraGroups
     read home
     read shell
+    read createHome
 
     if ! curEnt=$(getent passwd "$name"); then
         echo "creating user $name..."
@@ -36,7 +37,8 @@ cat "$1" | while true; do
             --gid "$group" \
             --groups "$extraGroups" \
             --home "$home" \
-            --shell "$shell"
+            --shell "$shell" \
+            ${createHome:+--create-home}
     else
         echo "updating user $name..."
         oldIFS="$IFS"; IFS=:; set -- $curEnt; IFS="$oldIFS"

system/options.nix

@@ -1388,6 +1388,35 @@ root        ALL=(ALL) SETENV: ALL
 
   users = {
 
+    extraUsers = mkOption {
+      default = [];
+      example = [
+        { name = "alice";
+          uid = 1234;
+          description = "Alice";
+          home = "/home/alice";
+          createHome = true;
+          group = "users";
+          extraGroups = ["wheel"];
+        }
+      ];
+      description = "
+        Additional user accounts to be created automatically by the system.
+      ";
+    };
+
+    extraGroups = mkOption {
+      default = [];
+      example = [
+        { name = "students";
+          gid = 1001;
+        }
+      ];
+      description = "
+        Additional groups to be created automatically by the system.
+      ";
+    };
+
     ldap = {
 
       enable = mkOption {

system/system.nix

@@ -262,7 +262,7 @@ rec {
   };
 
 
-  usersGroups = import ./users-groups.nix { inherit pkgs upstartJobs defaultShell; };
+  usersGroups = import ./users-groups.nix { inherit pkgs config upstartJobs defaultShell; };
 
 
   defaultShell = "/var/run/current-system/sw/bin/bash";

system/users-groups.nix

@@ -1,11 +1,11 @@
-{pkgs, upstartJobs, defaultShell}:
+{pkgs, config, upstartJobs, defaultShell}:
 
 let ids = import ./ids.nix; in
 
 rec {
 
-  # System user accounts.
-  systemUsers =
+  # User accounts to be created/updated by NixOS.
+  users =
     let
       jobUsers = pkgs.lib.concatLists (map (job: job.users) upstartJobs.jobs);
       
@@ -40,15 +40,17 @@ rec {
         , group ? "nogroup"
         , extraGroups ? []
         , home ? "/var/empty"
-        , shell ? "/noshell"
+        , shell ? (if useDefaultShell then defaultShell else "/noshell")
+        , createHome ? false
+        , useDefaultShell ? false
         }:
-        { inherit name description uid group extraGroups home shell; };
+        { inherit name description uid group extraGroups home shell createHome; };
 
-    in map addAttrs (defaultUsers ++ jobUsers ++ nixBuildUsers);
+    in map addAttrs (defaultUsers ++ jobUsers ++ nixBuildUsers ++ config.users.extraUsers);
 
 
-  # System groups.
-  systemGroups =
+  # Groups to be created/updated by NixOS.
+  groups =
     let
       jobGroups = pkgs.lib.concatLists (map (job: job.groups) upstartJobs.jobs);
 
@@ -75,12 +77,12 @@ rec {
         { name, gid ? "" }:
         { inherit name gid; };
 
-    in map addAttrs (defaultGroups ++ jobGroups);
+    in map addAttrs (defaultGroups ++ jobGroups ++ config.users.extraGroups);
 
 
   # Awful hackery necessary to pass the users/groups to the activation script.
   createUsersGroups = ../helpers/create-users-groups.sh;
-  usersList = pkgs.writeText "users" (pkgs.lib.concatStrings (map (u: "${u.name}\n${u.description}\n${toString u.uid}\n${u.group}\n${toString u.extraGroups}\n${u.home}\n${u.shell}\n") systemUsers));
-  groupsList = pkgs.writeText "groups" (pkgs.lib.concatStrings (map (g: "${g.name}\n${toString g.gid}\n") systemGroups));
+  usersList = pkgs.writeText "users" (pkgs.lib.concatStrings (map (u: "${u.name}\n${u.description}\n${toString u.uid}\n${u.group}\n${toString u.extraGroups}\n${u.home}\n${u.shell}\n${toString u.createHome}\n") users));
+  groupsList = pkgs.writeText "groups" (pkgs.lib.concatStrings (map (g: "${g.name}\n${toString g.gid}\n") groups));
     
 }