36 lines
734 B
Nix
36 lines
734 B
Nix
{
|
|
config,
|
|
lib,
|
|
options,
|
|
pkgs,
|
|
secrets,
|
|
var,
|
|
...
|
|
}:
|
|
with lib;
|
|
{
|
|
config = mkIf config.hd.common.users.enable {
|
|
age.secrets.hd-password = {
|
|
file = secrets."hd-password.age";
|
|
};
|
|
|
|
users = {
|
|
mutableUsers = false;
|
|
users."hd" = {
|
|
description = "Henri";
|
|
isNormalUser = true;
|
|
createHome = true;
|
|
home = "/home/hd";
|
|
extraGroups = [ "wheel" ];
|
|
shell = pkgs.fish;
|
|
packages = [ ];
|
|
openssh.authorizedKeys.keys = var.ssh-keys.trusted;
|
|
hashedPasswordFile = config.age.secrets.hd-password.path;
|
|
};
|
|
users.root = {
|
|
hashedPassword = "!";
|
|
openssh.authorizedKeys.keys = var.ssh-keys.root;
|
|
};
|
|
};
|
|
};
|
|
}
|