# NixOS module for the "timmy" account: declares the `_users.timmy` options and,
# when enabled, sets up zsh, the system user, optional getty autologin, the
# sops age key source, cgit SSH access and the home-manager profile.
{ lib, config, pkgs, home-manager, ... }:
let
  username = "timmy";
  fullname = "Tim Keller";
  home = "/home/${username}";
  cfg = config._users.timmy;

  # Private key(s) that sops derives its age identity from (see sops.age below).
  sshKeyPaths = [ "${home}/.ssh/id_ed25519" ];
  #sshPublicKeyPaths = lib.map (keyPath: keyPath + ".pub") sshKeyPaths;

  # Public half only; safe to commit. It is what the cgit service authorizes.
  sshPublicKeys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDnsnAWcz46OVi1MWSxpOIUtUvwalijDwvW+oEvNjzep" ];
in
{
  options._users.${username} = {
    enable = lib.mkEnableOption "create user ${username}";
    autologin.enable = lib.mkEnableOption "enables getty automatic login";
  };

  # FIXME
  # NOTE(review): these imports sit outside the mkIf below, so the listed
  # modules are pulled in whether or not the user is enabled.
  imports = [
    ./hosts.nix
    ./localization.nix
    ./nas.nix
    ./printing.nix
    ./repos.nix
    ./user.nix
    ./wifi.nix
  ];

  config = lib.mkIf cfg.enable {
    # Setup zsh
    programs.zsh.enable = true;
    programs.zsh._zshenv.enable = true;
    programs.zsh._zshenv.exports.ZDOTDIR = "$HOME/.config/zsh";
    #environment.systemPackages = [ pkgs.zsh-fast-syntax-highlighting ]; # TODO

    # Setup normal user
    users.users.${username} = {
      home = home;
      description = fullname;
      isNormalUser = true;
      shell = pkgs.zsh;
      # Group membership is where this account's privileges come from:
      #   wheel    - administrative group (sudo under the NixOS defaults).
      #   docker   - access to the Docker daemon is root-equivalent on the host.
      #   libvirtd - management access to the system libvirt daemon.
      #   nixbld   - NOTE(review): this is normally the Nix build-users group and
      #              the daemon picks build users from its members; confirm an
      #              interactive account is meant to be in it.
      extraGroups =
        [
          "nixbld"
          "video"
          "wheel"
        ]
        ++ lib.optional config.hardware.i2c.enable "i2c"
        ++ lib.optional config.virtualisation.libvirtd.enable "libvirtd"
        ++ lib.optional config.virtualisation.docker.enable "docker";
    };

    # Configure automatic login with getty
    # With autologin on, console access yields a session for this user without
    # a password, including the group memberships granted above.
    services.getty.autologinUser = lib.mkIf cfg.autologin.enable username;

    # Configure sops age key paths since age keys are generated via ssh private key
    # The key lives in the user's home, so anything running as this user can read
    # it and decrypt the sops secrets.
    # NOTE(review): presumably the key must be stored without a passphrase for
    # the conversion to work - confirm, and consider a dedicated host key.
    sops.age.sshKeyPaths = sshKeyPaths;

    # Add authorizedKeys to cgit service
    services._cgit.ssh.authorizedKeys.keys = sshPublicKeys;
    #services._cgit.ssh.authorizedKeys.keyFiles = sshPublicKeyPaths;

    # Configure user home
    home-manager.users.${username} = {
      imports = [ ./home.nix ];
      _users.${username}.home.enable = true;
    };
  };
}