50 lines
1.0 KiB
Nix
50 lines
1.0 KiB
Nix
{
|
|
pkgs,
|
|
config,
|
|
lib,
|
|
...
|
|
}:
|
|
let
|
|
ifTheyExist = groups: builtins.filter (group: builtins.hasAttr group config.users.groups) groups;
|
|
in
|
|
{
|
|
users.mutableUsers = false;
|
|
users.users.julian = {
|
|
description = "Julian";
|
|
group = "julian";
|
|
isNormalUser = true;
|
|
uid = 1000;
|
|
shell = pkgs.fish;
|
|
extraGroups = ifTheyExist [
|
|
"networkmanager"
|
|
"wheel"
|
|
"audio"
|
|
"network"
|
|
"video"
|
|
"podman"
|
|
"docker"
|
|
"git"
|
|
"gamemode"
|
|
];
|
|
|
|
openssh.authorizedKeys.keys = lib.splitString "\n" (
|
|
builtins.readFile ../../../../homes/julian/ssh.pub
|
|
);
|
|
hashedPasswordFile = config.sops.secrets.julian-password.path;
|
|
packages = [ pkgs.home-manager ];
|
|
};
|
|
users.groups.julian = {
|
|
gid = 1000;
|
|
};
|
|
|
|
sops.secrets.julian-password = {
|
|
sopsFile = ../../secrets.yaml;
|
|
neededForUsers = true;
|
|
};
|
|
|
|
home-manager.users.julian = import ../../../../homes/julian/${config.networking.hostName}.nix;
|
|
|
|
security.pam.services.swaylock = { }; # Make swaylock unlocking work
|
|
|
|
}
|