time to officially add /that/ system user

nixos/profiles/global/users.nix

@@ -10,27 +10,43 @@ in
     };
   };
 
-  users.users.jahanson = {
+  users = {
-    isNormalUser = true;
+    groups = {
-    shell = pkgs.fish;
+      kah = {
-    hashedPasswordFile = config.sops.secrets.jahanson-password.path;
+        gid = 568;
-    extraGroups =
+      };
-      [
+    };
-        "wheel"
+    users = {
-      ]
+      kah = {
-      ++ ifTheyExist [
+        isSystemUser = true;
-        "network"
+        group = "kah";
-        "samba-users"
+        uid = 568;
-        "docker"
+      };
-        "podman"
-        "audio" # pulseaudio
-        "libvirtd"
-      ];
 
-    openssh.authorizedKeys.keys = [
+      jahanson = {
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIDJtqzSFK3MN12Lo3Y4DnzJV5NiygIPkR+gun5oEb2q jahanson@legiondary"
+        isNormalUser = true;
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBsUe5YF5z8vGcEYtQX7AAiw2rJygGf2l7xxr8nZZa7w jahanson@durincore"
+        shell = pkgs.fish;
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILcLI5qN69BuoLp8p7nTYKoLdsBNmZB31OerZ63Car1g jahanson@telchar"
+        hashedPasswordFile = config.sops.secrets.jahanson-password.path;
-    ];
+        extraGroups =
+          [
+            "wheel"
+            "kah"
+          ]
+          ++ ifTheyExist [
+            "network"
+            "samba-users"
+            "docker"
+            "podman"
+            "audio" # pulseaudio
+            "libvirtd"
+          ];
+
+        openssh.authorizedKeys.keys = [
+          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIDJtqzSFK3MN12Lo3Y4DnzJV5NiygIPkR+gun5oEb2q jahanson@legiondary"
+          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBsUe5YF5z8vGcEYtQX7AAiw2rJygGf2l7xxr8nZZa7w jahanson@durincore"
+          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILcLI5qN69BuoLp8p7nTYKoLdsBNmZB31OerZ63Car1g jahanson@telchar"
+        ];
+      };
+    };
   };
 }