From b54c018a59d94bee698d16e2f7f58990fb5d1cec Mon Sep 17 00:00:00 2001 From: Franck Cuny Date: Tue, 5 Apr 2022 19:39:32 -0700 Subject: refactor users to a module --- modules/system/default.nix | 2 +- modules/system/users/default.nix | 37 +++++++++++++++++++++++++++++++++++++ 2 files changed, 38 insertions(+), 1 deletion(-) create mode 100644 modules/system/users/default.nix (limited to 'modules/system') diff --git a/modules/system/default.nix b/modules/system/default.nix index 1f832bf..3f7d3ec 100644 --- a/modules/system/default.nix +++ b/modules/system/default.nix @@ -1 +1 @@ -{ ... }: { imports = [ ./console ./locale ./nix ]; } +{ ... }: { imports = [ ./console ./locale ./nix ./users ]; } diff --git a/modules/system/users/default.nix b/modules/system/users/default.nix new file mode 100644 index 0000000..b39067c --- /dev/null +++ b/modules/system/users/default.nix @@ -0,0 +1,37 @@ +{ config, lib, pkgs, ... }: +let + groupExists = grp: builtins.hasAttr grp config.users.groups; + groupsIfExist = builtins.filter groupExists; +in { + # Users are managed through this configuration. If a user is added + # manually, it will be removed on system activation. + users.mutableUsers = false; + + users.groups.fcuny = { gid = 1000; }; + users.users.fcuny = { + isNormalUser = true; + uid = 1000; + group = "fcuny"; + home = "/home/fcuny"; + shell = pkgs.fish; + extraGroups = groupsIfExist [ + "docker" + "users" + "wheel" # `sudo` for the user. + ]; + hashedPassword = + "$6$i.z1brxtb44JAEco$fDD2Izl.zRR9vBCB2VBKPScChGw38EEl7QEiBTJ/EwgP3oSL0X3ZHq0PJ.RtqzBsWTPUjl4F3MKOBMhnaAPr6."; + openssh.authorizedKeys.keys = [ + # aptos + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIdlm/qoR/dnMjZhVSTtqFzkgN3Yf9eQ3pgKMiipg+dl" + # work + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINSWhXmnUplM+xltD0sYiJ6AsjkwHvbjTYLA7GHXHja9" + ]; + }; + + users.users.root = { + hashedPassword = null; + openssh.authorizedKeys.keys = + config.users.users.fcuny.openssh.authorizedKeys.keys; + }; +} -- cgit 1.4.1