users.nix at master · ngp.computer/nixos

ngp.computer / nixos

Configuration for my NixOS based systems and Home Manager

nixos / users.nix

at master 45 lines 1.2 kB view raw

 1{
 2  pkgs,
 3  lib,
 4  config,
 5  extraGroups ? [ ],
 6  ...
 7}:
 8{
 9
10  # Declarative only optoins.
11  # I don't want to allow ad-hoc modifying users on the system.
12  # Users must be declared either as part of a package or in this file.
13  users.mutableUsers = false;
14
15  age.secrets.noah-password = {
16    file = ./secrets/noah-hashed-password.age;
17    owner = "root";
18    group = "root";
19  };
20
21  # Define a user account. Don't forget to set a password with ‘passwd’.
22  users.users.noah = {
23    isNormalUser = true;
24    shell = pkgs.fish;
25    extraGroups = [
26      "wheel"
27      "video"
28      "nas"
29    ]
30    ++ extraGroups; # Enable ‘sudo’ for the user.
31    hashedPasswordFile = config.age.secrets.noah-password.path;
32    openssh.authorizedKeys.keys = lib.strings.splitString "\n" (
33      builtins.readFile (
34        builtins.fetchurl {
35          url = "https://meta.sr.ht/~chiefnoah.keys";
36          name = "chiefnoah.keys";
37          # Update this with:
38          # `curl https://meta.sr.ht/~chiefnoah.keys | sha256sum`
39          sha256 = "0wdnx25blqihbgaa0hzd39mjqwki92ambar097hjfmlrxg1s4lk7";
40        }
41      )
42    );
43  };
44  users.groups.nas.gid = 1001;
45}