{ pkgs, config, ... }: let user = "admin"; passwordFile = config.sops.secrets."jallen-nas/admin_password".path; authorizedKeyFiles = [ config.sops.secrets."ssh-keys-public/desktop-nixos".path config.sops.secrets."ssh-keys-public/desktop-nixos-root".path config.sops.secrets."ssh-keys-public/desktop-windows".path config.sops.secrets."ssh-keys-public/macbook-macos".path ]; in { # Define a user account. Don't forget to set a password with ‘passwd’. users = { # See https://search.nixos.org/options?channel=unstable&show=users.mutableUsers&from=0&size=50&sort=relevance&type=packages&query=users.users mutableUsers = false; groups.jallen-nas.gid = 1000; # create nas group cause truenas perms # Admin account users."${user}" = { isNormalUser = true; linger = true; extraGroups = [ "wheel" "networkmanager" "docker" "podman" "libvirtd" "nix-apps" "jallen-nas" "media" "nscd" "grafana" "traefik" "avahi" "62900" "1001" ]; hashedPasswordFile = passwordFile; shell = pkgs.zsh; openssh.authorizedKeys.keyFiles = authorizedKeyFiles; packages = with pkgs; [ cachix fastfetch git parted aspell aspellDicts.en aspellDicts.en-computers aspellDicts.en-science aha papirus-icon-theme firefox swtpm tigervnc ]; }; # Nix app account users.nix-apps = { isSystemUser = true; uid = 911; group = "jallen-nas"; extraGroups = [ "jallen-nas" "docker" "podman" ]; hashedPasswordFile = passwordFile; }; groups.nut.name = "nut"; users.upsuser = { group = "nut"; isNormalUser = false; isSystemUser = true; createHome = true; home = "/var/lib/nut"; homeMode = "750"; hashedPasswordFile = passwordFile; }; users.nextcloud = { isNormalUser = true; extraGroups = [ "jallen-nas" "nix-apps" ]; hashedPasswordFile = passwordFile; }; }; }