nix-config/nixos/_mixins/users/gburd/default.nix

{ config, desktop, lib, pkgs, sshMatrix, ... }:
let
  ifExists = groups: builtins.filter (group: builtins.hasAttr group config.users.groups) groups;
in
{
  # Only include desktop components if one is supplied.
  imports = lib.optional (builtins.isString desktop) ./desktop.nix;

  environment.systemPackages = with pkgs; [
    yadm # Terminal dot file manager
    neovim
  ];

  users.users.gburd = {
    description = "Greg Burd";
    extraGroups = [
      "audio"
      "input"
      "networkmanager"
      "users"
      "video"
      "wheel"
    ]
    ++ ifExists [
      "docker"
      "podman"
      config.services.kubo.group
    ];

    # mkpasswd -m sha-512
    # TODO: hashedPasswordFile = config.sops.secrets.gburd-password.path;
    hashedPassword = "$6$RDOZHdTwt.BuOR4C$fYDkyb3yppbgX0ewPbsKabS2u9W.wyrRJONQPtugrO/gBJCzsWkfVIVYOAj07Qar1yqeYJBlBkYSFAgGe5ssw.";
    homeMode = "0755";
    isNormalUser = true;
    openssh.authorizedKeys.keys = sshMatrix.groups.privileged_users;
    packages = [ pkgs.home-manager ];
    shell = pkgs.fish;
  };

  sops.secrets.gburd-password = {
    sopsFile = ../../secrets.yaml;
    neededForUsers = true;
  };

  # https://github.com/Mic92/envfs
  services.envfs.enable = true;
  # https://wiki.nixos.org/wiki/IPFS
  #kubo.enable = true;
  # a location service `where-am-i`
  services.geoclue2.enable = true;
}
sync with tcarrio (#7) sync with tcarrio 2024-05-23 19:02:20 +00:00			`{ config, desktop, lib, pkgs, sshMatrix, ... }:`
wimpy-ified inspired by wimpysworld nix-config 2023-09-25 18:05:07 +00:00			`let`
sync with tcarrio (#7) sync with tcarrio 2024-05-23 19:02:20 +00:00			`ifExists = groups: builtins.filter (group: builtins.hasAttr group config.users.groups) groups;`
wimpy-ified inspired by wimpysworld nix-config 2023-09-25 18:05:07 +00:00			`in`
			`{`
sync with tcarrio (#7) sync with tcarrio 2024-05-23 19:02:20 +00:00			`# Only include desktop components if one is supplied.`
			`imports = lib.optional (builtins.isString desktop) ./desktop.nix;`
wimpy-ified inspired by wimpysworld nix-config 2023-09-25 18:05:07 +00:00
			`environment.systemPackages = with pkgs; [`
sync with tcarrio (#7) sync with tcarrio 2024-05-23 19:02:20 +00:00			`yadm # Terminal dot file manager`
			`neovim`
wimpy-ified inspired by wimpysworld nix-config 2023-09-25 18:05:07 +00:00			`];`

			`users.users.gburd = {`
sync with tcarrio (#7) sync with tcarrio 2024-05-23 19:02:20 +00:00			`description = "Greg Burd";`
wimpy-ified inspired by wimpysworld nix-config 2023-09-25 18:05:07 +00:00			`extraGroups = [`
			`"audio"`
			`"input"`
			`"networkmanager"`
			`"users"`
			`"video"`
			`"wheel"`
sync with tcarrio (#7) sync with tcarrio 2024-05-23 19:02:20 +00:00			`]`
			`++ ifExists [`
wimpy-ified inspired by wimpysworld nix-config 2023-09-25 18:05:07 +00:00			`"docker"`
			`"podman"`
updates 2024-08-15 05:29:41 +00:00			`config.services.kubo.group`
wimpy-ified inspired by wimpysworld nix-config 2023-09-25 18:05:07 +00:00			`];`

sync with tcarrio (#7) sync with tcarrio 2024-05-23 19:02:20 +00:00			`# mkpasswd -m sha-512`
			`# TODO: hashedPasswordFile = config.sops.secrets.gburd-password.path;`
			`hashedPassword = "$6$RDOZHdTwt.BuOR4C$fYDkyb3yppbgX0ewPbsKabS2u9W.wyrRJONQPtugrO/gBJCzsWkfVIVYOAj07Qar1yqeYJBlBkYSFAgGe5ssw.";`
wimpy-ified inspired by wimpysworld nix-config 2023-09-25 18:05:07 +00:00			`homeMode = "0755";`
			`isNormalUser = true;`
sync with tcarrio (#7) sync with tcarrio 2024-05-23 19:02:20 +00:00			`openssh.authorizedKeys.keys = sshMatrix.groups.privileged_users;`
wimpy-ified inspired by wimpysworld nix-config 2023-09-25 18:05:07 +00:00			`packages = [ pkgs.home-manager ];`
			`shell = pkgs.fish;`
			`};`

			`sops.secrets.gburd-password = {`
			`sopsFile = ../../secrets.yaml;`
			`neededForUsers = true;`
			`};`

updates 2024-08-15 05:29:41 +00:00			`# https://github.com/Mic92/envfs`
			`services.envfs.enable = true;`
			`# https://wiki.nixos.org/wiki/IPFS`
			`#kubo.enable = true;`
			# a location service `where-am-i`
wimpy-ified inspired by wimpysworld nix-config 2023-09-25 18:05:07 +00:00			`services.geoclue2.enable = true;`
			`}`