about summary refs log tree commit diff stats
path: root/modules/by-name/us/users/module.nix
blob: 4be3f419e4e387972ef28b7d18a35045cec63ad1 (plain) (blame) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86

{
  config,
  lib,
  pkgs,
  ...
}:
let
  cfg = config.vhack.users;

  mkUser =
    {
      name,
      password,
      uid,
      sshKey,
    }:
    {
      inherit name;
      value = {
        inherit name uid;
        isNormalUser = true;
        home = "/home/${name}";
        hashedPassword = password;
        extraGroups = [
          "wheel"
        ];
        openssh.authorizedKeys.keys = [
          sshKey
        ];
      };
    };

  extraUsers = lib.listToAttrs (
    builtins.map mkUser [
      {
        name = "soispha";
        password = "$y$jFT$3.8XmUyukZvpExMUxDZkI.$IVrJgm8ysNDF/0vDD2kF6w73ozXgr1LMVRNN4Bq7pv1";
        sshKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIME4ZVa+IoZf6T3U08JG93i6QIAJ4amm7mkBzO14JSkz cardno:000F_18F83532";
        uid = 1000;
      }
      {
        name = "sils";
        password = "$y$jFT$KpFnahVCE9JbE.5P3us8o.$ZzSxCusWqe3sL7b6DLgOXNNUf114tiiptM6T8lDxtKC";
        sshKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILn7Oumr5IYtTTIKRFvDnofGXXiDLBQE9jVF+7UE+4G5 vhack.eu";
        uid = 1001;
      }
    ]
  );
in
{
  options.vhack.users = {
    enable = lib.mkEnableOption "user setup";
  };

  config = lib.mkIf cfg.enable {
    users = {
      mutableUsers = false;
      defaultUserShell = pkgs.bashInteractive;

      users = {
        root = {
          hashedPassword = lib.mkForce null; # to lock root
          openssh.authorizedKeys.keys = lib.mkForce [ ];
        };
      } // extraUsers;

      # TODO(@bpeetz): Is this still relevant?
      #                If it is, it should be moved to a separate module. <2024-12-24>
      #     nixremote = {
      #       name = "nixremote";
      #       isNormalUser = true;
      #       createHome = true;
      #       home = "/home/nixremote";
      #       uid = 1003;
      #       group = "nixremote";
      #       openssh.authorizedKeys.keys = [
      #         "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCbSWqFzb+WTq2JVoRGoTkCkP7AM3bNY91bsUBeoQQc8gKAWuqCrpAOmr2Q2QMaTTGEOM0CsWfWLs3ZYtynHmc7wIFc4T/sUloV+dB9oSCmOk5ePxtj8+gpPK35Ja+ug5zmXsaI4s+n9mEbuuEjn33MxDYCUzAI+aWvWe68u/j+FM3u9c3Ta009rotajjSZ/cmIltgNLsG1rnAZRpwmLVg5UL4cb9um54o/NLYFd2KAekQFVbwUQDzzqriZhWmzkfhnznBMDblf9R1xvZ18Lqv3JF21shdaR43NW1wtuntBvAdsVYK2VUEbj+3MxTkK0aQ/E9SHMtH8MRE4oxU74TeTWfIhuSZk9/wekzSNMkHP3ReFC6B9xCMYa+ZqaTaGSWLQi78AQDeM2F9rAfp3hQzyRa7T7qKlgbae/hEb07xZglqmG7eml9vPSt4AHv5Y176Q95NiiWduGoLQOmjvSBMU9/KEGrGKyLfGH1Wa2EOfPxKKcvcHW0Xi9PlPiuP0nYk= root@thinklappi"
      #       ];
      #     };
      #   };
      #   groups.nixremote = {
      #     gid = 1004;
      #   };
    };
  };
}
generated by cgit-pink 1.4.1 (git 2.36.1) at 2025-06-24 07:48:49 +0000