2024-03-05 22:57:41 +01:00
|
|
|
{
|
|
|
|
|
config,
|
|
|
|
|
pkgs,
|
2024-03-28 16:35:03 +01:00
|
|
|
secrets,
|
2024-03-05 22:57:41 +01:00
|
|
|
...
|
|
|
|
|
}: {
|
2023-08-01 15:35:09 +02:00
|
|
|
users = {
|
|
|
|
|
# Don't allow imperative modifications to users (incompatible with impermanence)
|
|
|
|
|
mutableUsers = false;
|
2023-08-25 00:57:42 +02:00
|
|
|
|
2023-08-01 15:35:09 +02:00
|
|
|
users = {
|
|
|
|
|
root = {
|
2024-02-24 02:11:59 +01:00
|
|
|
hashedPasswordFile = config.age.secrets.users-hashed-password-file.path;
|
2023-08-01 15:35:09 +02:00
|
|
|
};
|
|
|
|
|
caspervk = {
|
|
|
|
|
isNormalUser = true;
|
|
|
|
|
description = "Casper V. Kristensen";
|
2024-02-24 02:11:59 +01:00
|
|
|
hashedPasswordFile = config.age.secrets.users-hashed-password-file.path;
|
2023-08-01 15:35:09 +02:00
|
|
|
extraGroups = [
|
2023-08-01 16:55:53 +02:00
|
|
|
"wheel" # allows sudo
|
|
|
|
|
"video" # allows controlling brightness
|
2024-04-06 01:20:19 +02:00
|
|
|
# TODO: systemd-journal, audio, input, power, nix ?
|
2023-08-01 15:35:09 +02:00
|
|
|
];
|
|
|
|
|
uid = 1000;
|
2024-03-05 22:57:41 +01:00
|
|
|
packages = with pkgs; [];
|
2023-08-01 15:35:09 +02:00
|
|
|
};
|
|
|
|
|
};
|
|
|
|
|
};
|
2024-02-24 02:11:59 +01:00
|
|
|
|
|
|
|
|
age.secrets.users-hashed-password-file = {
|
2024-03-28 16:35:03 +01:00
|
|
|
file = "${secrets}/secrets/users-hashed-password-file.age";
|
2024-02-24 02:11:59 +01:00
|
|
|
mode = "400";
|
|
|
|
|
owner = "root";
|
|
|
|
|
group = "root";
|
|
|
|
|
};
|
2023-08-01 15:35:09 +02:00
|
|
|
}
|
