users

2025-02-27 00:37:57 +01:00 · 2025-02-27 00:37:57 +01:00 · 72cd7b3696
commit 72cd7b3696
parent 240a322ec6
3 changed files with 57 additions and 5 deletions
--- a/system/default.nix
+++ b/system/default.nix
@ -1,7 +1,26 @@
 {...}: {
  imports = [
    ./boot.nix
+    ./packages.nix
+    ./env.nix
+    ./btrfs.nix
+    ./users.nix
+
+    ./networking.nix
+    ./persistence.nix
+    ./nix.nix
+    ./audio.nix
+    ./ssh.nix
+
+    ./syncthing.nix
+    ./wayland.nix
+    ./steam.nix
+
+    ./nfs.nix
+    ./fonts.nix
+    ./bluetooth.nix
+    ./zsh.nix
  ];

-  # lib.mkForce 
+  system.stateVersion = "24.11";
 }
--- a/system/users.nix
+++ b/system/users.nix
@ -0,0 +1,30 @@
+{ config, ...}: let 
+    host = config.networking.hostName;
+  in {
+  users.mutableUsers = false;
+  users.users = {
+    lilith = {
+      isNormalUser = true;
+      uid = 1000;
+      extraGroups = [ "wheel" "networkmanager" ];
+      hashedPasswordFile = config.sops.secrets."user/password".path;
+    };
+  };
+
+  sops.secrets = {
+    "user/password" = {
+      sopsFile = ../hosts/${host}/secrets/default.yaml;
+      neededForUsers = true;
+    };
+    "user/ssh/private" = {
+      sopsFile = ../hosts/${conf.hostname}/secrets/default.yaml;
+      path = "/home/lilith/.ssh/id_ed25519";
+      owner = "lilith";
+    };
+    "user/ssh/public" = {
+      sopsFile = ../hosts/${conf.hostname}/secrets/default.yaml;
+      path = "/home/lilith/.ssh/id_ed25519.pub";
+      owner = "lilith";
+    };
+  };
+}