add config for admins

flake.nix

@@ -53,9 +53,12 @@
               enable = true;
               domain = "example.com";
               service_domain = "account.example.com";
-              settings.HYDRA_ADMIN_URL = "http://127.0.0.1:8081";
-              settings.HYDRA_PUBLIC_URL = "http://127.0.0.1:8082";
-              settings.PUBLIC_URL = "http://127.0.0.1:5000";
+              settings = {
+                HYDRA_ADMIN_URL = "http://127.0.0.1:8081";
+                HYDRA_PUBLIC_URL = "http://127.0.0.1:8082";
+                PUBLIC_URL = "http://127.0.0.1:5000";
+                ADMINS = [ "tuxcoder" ];
+              };
             };
             services.ory-hydra = {
               enable = true;

lenticular_cloud/config_development.toml

@@ -25,6 +25,9 @@ SUBJECT_PREFIX = 'something random'
 OAUTH_ID = 'identiy_provider'
 OAUTH_SECRET = 'thisIsNotSecure'
 
+ADMINS = [
+    'tuxcoder'
+]
 
 [LENTICULAR_CLOUD_SERVICES.jabber]
 app_token = true

lenticular_cloud/model.py

@@ -185,7 +185,8 @@ class User(BaseModel, ModelUpdatedMixin):
 
     @property
     def groups(self) -> list['Group']:
-        if self.username == 'tuxcoder':
+        admins = current_app.config['ADMINS']
+        if self.username in admins:
             return [Group(name='admin')]
         else:
             return []

module.nix

@@ -43,6 +43,11 @@ in
               description = mdDoc "public service url";
               default = "https://${cfg.service_domain}";
             };
+            ADMINS = mkOption {
+              type = types.listOf types.str;
+              description = mdDoc "list of admin users";
+              example = [ "tuxcoder" ];
+            };
             DATA_FOLDER = mkOption {
               type = types.str;
               default = "/var/lib/${cfg.username}";