mirror of
https://github.com/gburd/nix-config.git
synced 2024-08-04 21:05:27 +00:00
43 lines
1,022 B
Nix
43 lines
1,022 B
Nix
{ pkgs, config, ... }:
|
|
let ifTheyExist = groups: builtins.filter (group: builtins.hasAttr group config.users.groups) groups;
|
|
in
|
|
{
|
|
users.mutableUsers = false;
|
|
users.users.gburd = {
|
|
isNormalUser = true;
|
|
shell = pkgs.fish;
|
|
extraGroups = [
|
|
"wheel"
|
|
"video"
|
|
"audio"
|
|
"networkmanager"
|
|
] ++ ifTheyExist [
|
|
"network"
|
|
"wireshark"
|
|
"i2c"
|
|
"docker"
|
|
"podman"
|
|
"git"
|
|
"libvirtd"
|
|
"deluge"
|
|
];
|
|
|
|
openssh.authorizedKeys.keys = [
|
|
(builtins.readFile ../../../../home/gburd/ssh.pub)
|
|
(builtins.readFile ../../../../home/gburd/symas-ssh.pub)
|
|
];
|
|
hashedPasswordFile = config.sops.secrets.gburd-password.path;
|
|
packages = [ pkgs.home-manager ];
|
|
};
|
|
|
|
sops.secrets.gburd-password = {
|
|
sopsFile = ../../secrets.yaml;
|
|
neededForUsers = true;
|
|
};
|
|
|
|
home-manager.users.gburd = import ../../../../home/gburd/${config.networking.hostName}.nix;
|
|
|
|
services.geoclue2.enable = true;
|
|
security.pam.services = { swaylock = { }; };
|
|
}
|