about summary refs log tree commit diff stats
path: root/modules/by-name/us/users/module.nix
diff options
context:
space:
mode:
Diffstat (limited to 'modules/by-name/us/users/module.nix')
-rw-r--r--modules/by-name/us/users/module.nix50
1 files changed, 37 insertions, 13 deletions
diff --git a/modules/by-name/us/users/module.nix b/modules/by-name/us/users/module.nix
index d458b3dc..555e61f9 100644
--- a/modules/by-name/us/users/module.nix
+++ b/modules/by-name/us/users/module.nix
@@ -17,6 +17,7 @@
 in {
   options.soispha.users = {
     enable = lib.mkEnableOption "user set-up for soispha";
+
     hashedPassword = lib.mkOption {
       type = lib.types.str;
       example = lib.literalExpression "$y$jFT$ONrCqZIJKB7engmfA4orD/$0GO58/wV5wrYWj0cyONhyujZPjFmbT0XKtx2AvXLG0B";
@@ -40,19 +41,42 @@ in {
     users = {
       mutableUsers = false;
 
-      users.soispha = {
-        isNormalUser = true;
-        home = "/home/soispha";
-        createHome = true;
-        shell = pkgs.zsh;
-        initialHashedPassword = cfg.hashedPassword;
-        extraGroups = cfg.groups ++ lib.optional cfg.enableDeprecatedPlugdev "plugdev";
-
-        uid = 1000;
-        openssh.authorizedKeys.keys = [
-          # TODO: This should be parameterized. <2024-05-16>
-          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIME4ZVa+IoZf6T3U08JG93i6QIAJ4amm7mkBzO14JSkz"
-        ];
+      users = {
+        soispha = {
+          isNormalUser = true;
+          home = "/home/soispha";
+          createHome = true;
+          shell = pkgs.zsh;
+          initialHashedPassword = cfg.hashedPassword;
+          extraGroups = cfg.groups ++ lib.optional cfg.enableDeprecatedPlugdev "plugdev";
+
+          uid = 1000;
+          openssh.authorizedKeys.keys = [
+            # TODO: This should be parameterized. <2024-05-16>
+            "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIME4ZVa+IoZf6T3U08JG93i6QIAJ4amm7mkBzO14JSkz"
+          ];
+        };
+
+        root = {
+          hashedPassword = lib.mkForce null; # to lock root
+          openssh.authorizedKeys.keys = lib.mkForce [];
+        };
+      };
+    };
+
+    home-manager.users = {
+      soispha.home = {
+        username = "soispha";
+        homeDirectory = config.users.users.soispha.home;
+        stateVersion = "23.05";
+        enableNixpkgsReleaseCheck = true;
+      };
+
+      root.home = {
+        username = "root";
+        homeDirectory = config.users.users.root.home;
+        stateVersion = "23.05";
+        enableNixpkgsReleaseCheck = true;
       };
     };
   };
generated by cgit-pink 1.4.1 (git 2.36.1) at 2025-05-03 22:45:05 +0000