diff options
| author | Benedikt Peetz <benedikt.peetz@b-peetz.de> | 2025-05-01 13:02:26 +0200 |
|---|---|---|
| committer | Benedikt Peetz <benedikt.peetz@b-peetz.de> | 2025-05-01 13:02:26 +0200 |
| commit | 11920f9ede8aa8497a6c344f83bb6afb16c28149 (patch) | |
| tree | bd34e63d09acf36ed724d5d693fe13a3eb7448fb /modules/by-name | |
| parent | modules/legacy/ssh: Migrate to by-name (diff) | |
| download | nixos-config-11920f9ede8aa8497a6c344f83bb6afb16c28149.zip | |
modules/users: Add hm config and root user
Diffstat (limited to '')
| -rw-r--r-- | modules/by-name/us/users/module.nix | 48 |
1 files changed, 36 insertions, 12 deletions
diff --git a/modules/by-name/us/users/module.nix b/modules/by-name/us/users/module.nix index d458b3dc..555e61f9 100644 --- a/modules/by-name/us/users/module.nix +++ b/modules/by-name/us/users/module.nix @@ -17,6 +17,7 @@ in { options.soispha.users = { enable = lib.mkEnableOption "user set-up for soispha"; + hashedPassword = lib.mkOption { type = lib.types.str; example = lib.literalExpression "$y$jFT$ONrCqZIJKB7engmfA4orD/$0GO58/wV5wrYWj0cyONhyujZPjFmbT0XKtx2AvXLG0B"; @@ -40,19 +41,42 @@ in { users = { mutableUsers = false; - users.soispha = { - isNormalUser = true; - home = "/home/soispha"; - createHome = true; - shell = pkgs.zsh; - initialHashedPassword = cfg.hashedPassword; - extraGroups = cfg.groups ++ lib.optional cfg.enableDeprecatedPlugdev "plugdev"; + users = { + soispha = { + isNormalUser = true; + home = "/home/soispha"; + createHome = true; + shell = pkgs.zsh; + initialHashedPassword = cfg.hashedPassword; + extraGroups = cfg.groups ++ lib.optional cfg.enableDeprecatedPlugdev "plugdev"; + + uid = 1000; + openssh.authorizedKeys.keys = [ + # TODO: This should be parameterized. <2024-05-16> + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIME4ZVa+IoZf6T3U08JG93i6QIAJ4amm7mkBzO14JSkz" + ]; + }; + + root = { + hashedPassword = lib.mkForce null; # to lock root + openssh.authorizedKeys.keys = lib.mkForce []; + }; + }; + }; + + home-manager.users = { + soispha.home = { + username = "soispha"; + homeDirectory = config.users.users.soispha.home; + stateVersion = "23.05"; + enableNixpkgsReleaseCheck = true; + }; - uid = 1000; - openssh.authorizedKeys.keys = [ - # TODO: This should be parameterized. <2024-05-16> - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIME4ZVa+IoZf6T3U08JG93i6QIAJ4amm7mkBzO14JSkz" - ]; + root.home = { + username = "root"; + homeDirectory = config.users.users.root.home; + stateVersion = "23.05"; + enableNixpkgsReleaseCheck = true; }; }; }; |