about summary refs log tree commit diff stats
path: root/sys/users/default.nix
diff options
context:
space:
mode:
Diffstat (limited to 'sys/users/default.nix')
-rw-r--r--sys/users/default.nix44
1 files changed, 44 insertions, 0 deletions
diff --git a/sys/users/default.nix b/sys/users/default.nix
new file mode 100644
index 00000000..365ffd41
--- /dev/null
+++ b/sys/users/default.nix
@@ -0,0 +1,44 @@
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}: let
+  cfg = config.soispha.users;
+in {
+  options.soispha.users = {
+    # enable = lib.mkEnableOption (lib.mdDoc "users");
+    hashedPassword = lib.mkOption {
+      type = lib.types.str;
+      example = lib.literalExpression "$y$jFT$ONrCqZIJKB7engmfA4orD/$0GO58/wV5wrYWj0cyONhyujZPjFmbT0XKtx2AvXLG0B";
+      default = "$y$jFT$ONrCqZIJKB7engmfA4orD/$0GO58/wV5wrYWj0cyONhyujZPjFmbT0XKtx2AvXLG0B";
+      description = lib.mdDoc "Hashed password for the user";
+    };
+  };
+  config = {
+    # I was told, that this solves some nasty problems:
+    programs.zsh.enable = true;
+
+    users = {
+      groups = {
+        plugdev.members = ["soispha"];
+      };
+      mutableUsers = false;
+      users.soispha = {
+        isNormalUser = true;
+        home = "/home/soispha";
+        createHome = true;
+        shell = pkgs.zsh;
+        initialHashedPassword = cfg.hashedPassword;
+        extraGroups = [
+          "plugdev" # although deprecated, this helps with old udev rules, that still use this group. TODO: check for an open issue
+          "wheel"
+        ];
+        uid = 1000;
+        openssh.authorizedKeys.keys = [
+          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGBFuTNNn71Rhfnop2cdz3r/RhWWlCePnSBOhTBbu2ME soispha"
+        ];
+      };
+    };
+  };
+}