nix-config/hosts/common/users/gburd/default.nix

43 lines
1,016 B
Nix
Raw Normal View History

{ pkgs, config, ... }:
let ifTheyExist = groups: builtins.filter (group: builtins.hasAttr group config.users.groups) groups;
in
{
users.mutableUsers = false;
2023-09-19 17:05:08 +00:00
users.users.gburd = {
isNormalUser = true;
2023-09-20 13:09:16 +00:00
shell = pkgs.fish;
extraGroups = [
"wheel"
"video"
"audio"
2023-09-19 17:05:08 +00:00
"networkmanager"
] ++ ifTheyExist [
"network"
"wireshark"
"i2c"
"docker"
"podman"
"git"
"libvirtd"
"deluge"
];
2023-09-19 17:05:08 +00:00
openssh.authorizedKeys.keys = [
(builtins.readFile ../../../../home/gburd/ssh.pub)
(builtins.readFile ../../../../home/gburd/symas-ssh.pub)
];
passwordFile = config.sops.secrets.gburd-password.path;
packages = [ pkgs.home-manager ];
};
2023-09-19 17:05:08 +00:00
sops.secrets.gburd-password = {
sopsFile = ../../secrets.yaml;
neededForUsers = true;
};
2023-09-19 17:05:08 +00:00
home-manager.users.gburd = import ../../../../home/gburd/${config.networking.hostName}.nix;
services.geoclue2.enable = true;
security.pam.services = { swaylock = { }; };
}