desktop is building I guess, idk, need to start commiting stuff eventually lmao

2025-07-17 20:57:18 -05:00
parent 6c7c76887b
commit 442c24997d
219 changed files with 3166 additions and 3583 deletions
--- a/systems/x86_64-linux/nas/users.nix
+++ b/systems/x86_64-linux/nas/users.nix
@@ -0,0 +1,96 @@
+{ pkgs, config, ... }:
+let
+  user = "admin";
+  passwordFile = config.sops.secrets."jallen-nas/admin_password".path;
+in
+{
+
+  # Define a user account. Don't forget to set a password with ‘passwd’.
+  users = {
+    # See https://search.nixos.org/options?channel=unstable&show=users.mutableUsers&from=0&size=50&sort=relevance&type=packages&query=users.users
+    mutableUsers = false;
+    groups.jallen-nas.gid = 1000; # create nas group cause truenas perms
+
+    # Admin account
+    users."${user}" = {
+      isNormalUser = true;
+      linger = true;
+      extraGroups = [
+        "wheel"
+        "networkmanager"
+        "docker"
+        "podman"
+        "libvirtd"
+        "nix-apps"
+        "jallen-nas"
+        "media"
+        "nscd"
+        "grafana"
+        "traefik"
+        "avahi"
+        "62900"
+        "1001"
+      ];
+      hashedPasswordFile = passwordFile;
+      shell = pkgs.zsh;
+      packages = with pkgs; [
+        cachix
+        fastfetch
+        git
+        parted
+        aspell
+        aspellDicts.en
+        aspellDicts.en-computers
+        aspellDicts.en-science
+        aha
+        papirus-icon-theme
+        firefox
+        swtpm
+        tigervnc
+      ];
+      openssh.authorizedKeys.keys = [
+        # macBook
+        "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCw9zq8DLGByI5v2gAn95hKNyOsm3g61a2buxu2BBMFysQJgmZPCCLUqRJKhSM5Vm/JOgsAmdpRBRZQoHD+6S844CJHb4v4VIbjkyQgYCuM7Rst2IOZ5QybvsA2/D0nwytZ+HXQqDj2AagUYDbz0gyyIHkDQ5YGBMkvkWz/h1Vci6aoBM7VihEDM4KlWoTVuPeASGM8r5IZ2FS83Djbqo4ov6AYvLMrKB9Z7hmFgH6R3LE0gxOkzbGVXtSuvJyrjvgytoT22UhATjjxSQ9D+YJXXkQoB3lUdg8OoIquUPjMZpl4mR8ffvseWPfcvD1XlD5t+TOHFqKpESO547tlOBYhdpew+NSgAXpamCU6oyV8tDCywLQu2ucxHRn78u6WXzWHkDtffdhzmk6TZaPhWqVHuTGjR4higBgGqUfSaKOMszt+FDRZAr3HtuQ2+zJ8bowK9fW5OqilTtK2HtQqroD9ApegDNbqOz6kGy5IycSXvqPURy/M4lxZxbtBPuemcJs= mattjallen@MacBook-Pro.local"
+        # desktop windows
+        "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDZ2PYPjZddOzR8OJj16G88KcUhCDLkvrEmpUQP0wKHDUuA27HQQ2ORo66asadwGHY3k1VDZ1ei9l9H++SIIeKOaaUr5yZdktvj4POUNtbd9ZhcS7sZU7BSF+NMDM+h3tImh6z0S7mWvRQOUv3ZM+ZER+5xTWJVG1OOJEpb1drxJk6Qz0wbZKSR7TPNFBLLXlVy7hkNYf07RtDyhCCxNB3hJfa8c+oztnWumwDhDQWLqiUXWIU2QH6iRLGl/WYnujtNvVVaV/Hn3JJkS6MM9dnV3cpoIO0+J7+WfsN9rZ0wXt5yY3GhiGXwmcO5eYVli8lHlLWtK7aYSETyry6CBsLbojzOQO5rSqhpwfF2njAAFAQU0UjLc8PahisIuFKCwHH4iyXXOagiv5K1Mc/0Ak+WhhMPee6vV2p7NTyNpXRvouDbWy5cSRH31WgQ9fK5mIGe5v8nGGqtEhUubUkiOgP+H3UbT2V/nTv/TFKdJcKw+WmizvTrxBmaMjWALlkYl+s= mattl@Jallen-PC"
+        # desktop nixos
+        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPTBMydhOc6SnOdB5WrEd7X07DrboAtagCUgXiOJjLov matt@matt-nixos"
+      ];
+    };
+
+    # Nix app account
+    users.nix-apps = {
+      isSystemUser = true;
+      uid = 911;
+      group = "jallen-nas";
+      extraGroups = [
+        "jallen-nas"
+        "docker"
+        "podman"
+      ];
+      hashedPasswordFile = passwordFile;
+    };
+
+    groups.nut.name = "nut";
+    users.upsuser = {
+      group = "nut";
+      isNormalUser = false;
+      isSystemUser = true;
+      createHome = true;
+      home = "/var/lib/nut";
+      homeMode = "750";
+      hashedPasswordFile = passwordFile;
+    };
+
+    users.nextcloud = {
+      isNormalUser = true;
+      extraGroups = [
+        "jallen-nas"
+        "nix-apps"
+      ];
+      hashedPasswordFile = passwordFile;
+    };
+
+    users.root.shell = pkgs.zsh;
+  };
+}