restructure user
This commit is contained in:
@@ -8,7 +8,7 @@ in
|
||||
imports =
|
||||
[ # Include the results of the hardware scan.
|
||||
./hardware-configuration.nix
|
||||
../../users
|
||||
../../users/blake
|
||||
../../modules/system
|
||||
../../modules/homelab
|
||||
../../modules/homelab/minecraft_recpro
|
||||
@@ -54,12 +54,6 @@ in
|
||||
minecraft_recpro.enable = true;
|
||||
};
|
||||
|
||||
# configure users & groups
|
||||
users = {
|
||||
blake.enable = true; # main user, home manager
|
||||
defaultUserShell = pkgs.zsh; # the goat
|
||||
};
|
||||
|
||||
# boot (systemd is going on me)
|
||||
boot.loader.systemd-boot.enable = true; # systemd your pretty cool ya know
|
||||
boot.loader.efi.canTouchEfiVariables = true;
|
||||
|
||||
@@ -19,7 +19,7 @@ in
|
||||
age.keyFile = "/etc/sops/keys.txt";
|
||||
|
||||
secrets = {
|
||||
"blake_passwd" = lib.mkIf config.users.blake.enable {
|
||||
"blake_passwd" = {
|
||||
owner = "root";
|
||||
group = "root";
|
||||
neededForUsers = true;
|
||||
|
||||
@@ -6,7 +6,8 @@
|
||||
...
|
||||
}: {
|
||||
# create blake user
|
||||
users.users = {
|
||||
users = {
|
||||
users = {
|
||||
blake = {
|
||||
isNormalUser = true;
|
||||
extraGroups = ["wheel" "networkmanager" "docker" "media" "podman" "minecraft"]; # Enable ‘sudo’ for the user.
|
||||
@@ -20,6 +21,8 @@
|
||||
];
|
||||
};
|
||||
};
|
||||
groups.blake = { gid = 1000; };
|
||||
};
|
||||
|
||||
# define home-manager user
|
||||
home-manager = {
|
||||
|
||||
@@ -64,22 +64,22 @@
|
||||
};
|
||||
};
|
||||
# import sshkeys from keyring
|
||||
#home.file.".ssh/id_snowbelle".source = config.lib.file.mkOutOfStoreSymlink /home/blake/.nix/.keyring/ssh/id_snowbelle;
|
||||
#home.file.".ssh/id_snowbelle.pub".source = config.lib.file.mkOutOfStoreSymlink /home/blake/.nix/.keyring/ssh/id_snowbelle.pub;
|
||||
home.file.".ssh/id_snowbelle".source = config.lib.file.mkOutOfStoreSymlink /home/blake/.nix/.keyring/ssh/id_snowbelle;
|
||||
home.file.".ssh/id_snowbelle.pub".source = config.lib.file.mkOutOfStoreSymlink /home/blake/.nix/.keyring/ssh/id_snowbelle.pub;
|
||||
|
||||
# manage secrets with sops
|
||||
sops.secrets = {
|
||||
"id_snowbelle" = {
|
||||
owner = "blake";
|
||||
group = "blake";
|
||||
mode = "0600";
|
||||
path = "/home/blake/.ssh/id_snowbelle";
|
||||
};
|
||||
"id_snowbelle.pub" = {
|
||||
owner = "blake";
|
||||
group = "blake";
|
||||
mode = "644";
|
||||
path = "/home/blake/.ssh/id_snowbelle.pub";
|
||||
};
|
||||
};
|
||||
# # manage secrets with sops
|
||||
# sops.secrets = {
|
||||
# "id_snowbelle" = {
|
||||
# owner = "blake";
|
||||
# group = "blake";
|
||||
# mode = "0600";
|
||||
# path = "/home/blake/.ssh/id_snowbelle";
|
||||
# };
|
||||
# "id_snowbelle.pub" = {
|
||||
# owner = "blake";
|
||||
# group = "blake";
|
||||
# mode = "644";
|
||||
# path = "/home/blake/.ssh/id_snowbelle.pub";
|
||||
# };
|
||||
# };
|
||||
}
|
||||
|
||||
@@ -5,6 +5,5 @@
|
||||
./blake
|
||||
];
|
||||
|
||||
users.blake.enable = lib.mkDefault true;
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user