nix/nixos/users/albert/default.nix
2024-05-07 20:53:55 +09:00

49 lines
1.5 KiB
Nix

{ config, desktop, lib, pkgs, ... }:
let
ifExists = groups: builtins.filter (group: builtins.hasAttr group config.users.groups) groups;
in {
# Define a user account.
imports = [ ] ++ lib.optional (builtins.isString desktop) ./desktop.nix;
users = {
mutableUsers = false;
users.albert = {
isNormalUser = true;
description = "Albert J. Copeland";
# video is required for the "light" command to work
extraGroups = [ "networkmanager" "wheel" ]
++ ifExists [ "keys" ]
++ ifExists [ "audio" ]
++ ifExists [ "video" ]
++ ifExists [ "docker" ]
++ ifExists [ "podman" ]
++ ifExists [ "syncthing" ];
shell = pkgs.fish;
# mkpasswd -m sha-512
hashedPassword = "$y$j9T$wKLsIWaA4Gf63RvjedwLJ0$EHKL6BBJV0CAxEKcHHjaBqW085KJ/MGvmbyWzmcWOy6";
packages = [ pkgs.home-manager ];
openssh.authorizedKeys.keyFiles = [ ../../../keys/ssh/keys.txt ];
};
groups.albert = {
gid = 1000;
name = "albert";
members = [ "albert" ];
};
};
# Used in home-manager's atuin config
# Used here instead of home-manager because HM randomly needs to restart sops-nix and I can't
# find a way to do so
sops.secrets."atuin_key" = {
sopsFile = ../../../secrets/users/albert.yaml;
owner = "albert";
};
sops.secrets."email_password" = {
sopsFile = ../../../secrets/users/albert.yaml;
owner = "albert";
};
# Make this user trusted
nix.settings.trusted-users = [ "albert" ];
}