56 lines
1.5 KiB
Nix
56 lines
1.5 KiB
Nix
{ pkgs, config, ... }:
|
|
let
|
|
ifTheyExist = groups: builtins.filter (group: builtins.hasAttr group config.users.groups) groups;
|
|
in
|
|
{
|
|
sops.secrets = {
|
|
jahanson-password = {
|
|
sopsFile = ./secrets.sops.yaml;
|
|
neededForUsers = true;
|
|
};
|
|
};
|
|
|
|
users = {
|
|
groups = {
|
|
kah = {
|
|
gid = 568;
|
|
};
|
|
};
|
|
users = {
|
|
kah = {
|
|
isSystemUser = true;
|
|
group = "kah";
|
|
uid = 568;
|
|
};
|
|
|
|
jahanson = {
|
|
isNormalUser = true;
|
|
shell = pkgs.fish;
|
|
hashedPasswordFile = config.sops.secrets.jahanson-password.path;
|
|
extraGroups =
|
|
[
|
|
"wheel"
|
|
"kah"
|
|
]
|
|
++ ifTheyExist [
|
|
"network"
|
|
"samba-users"
|
|
"docker"
|
|
"podman"
|
|
"audio" # pulseaudio
|
|
"libvirtd"
|
|
"wireshark"
|
|
"minecraft"
|
|
];
|
|
|
|
openssh.authorizedKeys.keys = [
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIDJtqzSFK3MN12Lo3Y4DnzJV5NiygIPkR+gun5oEb2q jahanson@legiondary"
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBsUe5YF5z8vGcEYtQX7AAiw2rJygGf2l7xxr8nZZa7w jahanson@durincore"
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILcLI5qN69BuoLp8p7nTYKoLdsBNmZB31OerZ63Car1g jahanson@telchar"
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHwUOBEd0z2Jh6qJi4JeJbWdbU665E8/cP44iaUjW1DA jahanson@shadowfax"
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPHzVi4xC6aLYsC4iiIX9rBfEh/FkWZilukLxmfjU9DE jahanson@gandalf"
|
|
];
|
|
};
|
|
};
|
|
};
|
|
}
|