75 lines
1.9 KiB
Nix
75 lines
1.9 KiB
Nix
{ config, lib, pkgs, inputs, ... }:
|
||
|
||
|
||
let
|
||
cfg = config.users.blake;
|
||
in
|
||
{
|
||
options.users.blake = {
|
||
enable = lib.mkEnableOption "enable blake user";
|
||
username = lib.mkOption {
|
||
default = "blake";
|
||
description = ''
|
||
username
|
||
'';
|
||
};
|
||
};
|
||
|
||
|
||
config = lib.mkIf cfg.enable {
|
||
# create blake user
|
||
users.users.${cfg.username} = {
|
||
isNormalUser = true;
|
||
extraGroups = [ "wheel" "networkmanager" "docker" "media" "minecraft" ]; # Enable ‘sudo’ for the user.
|
||
uid = 1000;
|
||
shell = pkgs.zsh;
|
||
group = "blake";
|
||
hashedPasswordFile = config.sops.secrets."blake_passwd".path;
|
||
openssh.authorizedKeys.keys = [
|
||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBK0AGJfZGyqW8/krvQV+PL7axcDW/EnKyHy9M8wryQx klefki"
|
||
"ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBPdC9cCX8awvA19Ri65fvbYjZYe8X1Ef+nOZAIv92AS6u4SkJYqOvPYfqRHXORNDpbzjTV6nackyCKvV5EO4niv4MFIgdkEQwuVHcYX32/dOsWdDoeXBT/l2sFFM7JESwQ== blake@zygarde"
|
||
];
|
||
};
|
||
|
||
# define home-manager user
|
||
home-manager = {
|
||
useUserPackages = true;
|
||
useGlobalPkgs = true;
|
||
extraSpecialArgs = { inherit inputs; };
|
||
users = {
|
||
"blake" = import ./home.nix;
|
||
};
|
||
};
|
||
|
||
# define blake group
|
||
users.groups.blake = {
|
||
gid = 1000;
|
||
};
|
||
|
||
# passwordless rebuild
|
||
security.sudo.extraRules = [
|
||
{
|
||
users = [ "blake" ];
|
||
commands = [
|
||
{
|
||
command = "/run/current-system/sw/bin/nixos-rebuild";
|
||
options = [ "NOPASSWD" ];
|
||
}
|
||
{
|
||
command = "/run/current-system/sw/bin/systemctl";
|
||
options = [ "NOPASSWD" ];
|
||
}
|
||
{
|
||
command = "/run/current-system/sw/bin/journalctl";
|
||
options = [ "NOPASSWD" ];
|
||
}
|
||
{
|
||
command = "/run/current-system/sw/bin/tailscale";
|
||
options = [ "NOPASSWD" ];
|
||
}
|
||
];
|
||
}
|
||
];
|
||
};
|
||
}
|