docs: add home directory and enabled hosts info

- Document UUID-based home directories with symlinks - List currently enabled hosts (testvm01-03) - Add cache-invalidate command to troubleshooting Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-08 14:45:37 +01:00
parent 8bc4eee38e
commit cae1663526
1 changed files with 22 additions and 0 deletions
--- a/docs/user-management.md
+++ b/docs/user-management.md
@@ -89,6 +89,12 @@ This configures:
 - `services.kanidm.enablePam = true`
 - Client connection to auth.home.2rjus.net
 - Login authorization for `ssh-users` group
+- Short usernames (`torjus` instead of `torjus@home.2rjus.net`)
+- Home directory symlinks (`/home/torjus` → UUID-based directory)
+
+### Enabled Hosts
+
+- testvm01, testvm02, testvm03 (test tier)

 ### Options

@@ -100,6 +106,17 @@ homelab.kanidm = {
 };
 ```

+### Home Directories
+
+Home directories use UUID-based paths for stability (so renaming a user doesn't
+require moving their home directory). Symlinks provide convenient access:
+
+```
+/home/torjus -> /home/e4f4c56c-4aee-4c20-846f-90cb69807733
+```
+
+The symlinks are created by `kanidm-unixd-tasks` on first login.
+
 ## Testing

 ### Verify NSS Resolution
@@ -174,6 +191,11 @@ kanidm group posix set ssh-users --gidnumber 68000
   systemctl restart nscd
   ```

+6. Invalidate kanidm cache:
+   ```bash
+   kanidm-unix cache-invalidate
+   ```
+
 ### Changes not taking effect after deployment

 NixOS uses nsncd (a Rust reimplementation of nscd) for NSS caching. After deploying