about summary refs log tree commit diff
path: root/modules/system/users/default.nix
blob: 9f874a04b217836e940acfe5fca61378c3af630d (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
{ config, lib, pkgs, ... }:
let
  groupExists = grp: builtins.hasAttr grp config.users.groups;
  groupsIfExist = builtins.filter groupExists;
  sshPub = builtins.fromTOML (builtins.readFile ../../../configs/ssh-pubkeys.toml);
in
{
  # Users are managed through this configuration. If a user is added
  # manually, it will be removed on system activation.
  users.mutableUsers = false;

  users.groups.fcuny = { gid = 1000; };
  users.users.fcuny = {
    isNormalUser = true;
    uid = 1000;
    group = "fcuny";
    home = "/home/fcuny";
    shell = pkgs.zsh;
    extraGroups = groupsIfExist [
      "docker"
      "users"
      "nas" # in order to access to files downloaded by transmission
      "wheel" # `sudo` for the user.
      "cdrom" # in order to read from the bluray
    ];
    hashedPassword =
      "$6$i.z1brxtb44JAEco$fDD2Izl.zRR9vBCB2VBKPScChGw38EEl7QEiBTJ/EwgP3oSL0X3ZHq0PJ.RtqzBsWTPUjl4F3MKOBMhnaAPr6.";
    openssh.authorizedKeys.keys = with sshPub; [
      aptos
      work
      ykey-backup
      ykey-keyring
      ykey-laptop
    ];
  };

  users.users.root = {
    hashedPassword = null;
    openssh.authorizedKeys.keys =
      config.users.users.fcuny.openssh.authorizedKeys.keys;
  };
}