mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Files
32eadb044d65b92bb0e23c506b8a2011701aaf02
nix-config/hosts/nas/users.nix
mjallen18 32eadb044d so many sops
2025-03-17 21:34:53 -05:00

93 lines
2.2 KiB
Nix
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
{ pkgs, config, ... }:
let
user = "admin";
passwordFile = config.sops.secrets."jallen-nas/admin_password".path;
authorizedKeyFiles = [
config.sops.secrets."ssh-keys-public/desktop-nixos".path
config.sops.secrets."ssh-keys-public/desktop-nixos-root".path
config.sops.secrets."ssh-keys-public/desktop-windows".path
config.sops.secrets."ssh-keys-public/macbook-macos".path
];
in
{
# Define a user account. Don't forget to set a password with passwd.
users = {
# See https://search.nixos.org/options?channel=unstable&show=users.mutableUsers&from=0&size=50&sort=relevance&type=packages&query=users.users
mutableUsers = false;
groups.jallen-nas.gid = 1000; # create nas group cause truenas perms
# Admin account
users."${user}" = {
isNormalUser = true;
linger = true;
extraGroups = [
"wheel"
"networkmanager"
"docker"
"podman"
"libvirtd"
"nix-apps"
"jallen-nas"
"media"
"nscd"
"grafana"
"traefik"
"avahi"
"62900"
"1001"
];
hashedPasswordFile = passwordFile;
shell = pkgs.zsh;
openssh.authorizedKeys.keyFiles = authorizedKeyFiles;
packages = with pkgs; [
cachix
fastfetch
git
parted
aspell
aspellDicts.en
aspellDicts.en-computers
aspellDicts.en-science
aha
papirus-icon-theme
firefox
swtpm
tigervnc
];
};
# Nix app account
users.nix-apps = {
isSystemUser = true;
uid = 911;
group = "jallen-nas";
extraGroups = [
"jallen-nas"
"docker"
"podman"
];
hashedPasswordFile = passwordFile;
};
groups.nut.name = "nut";
users.upsuser = {
group = "nut";
isNormalUser = false;
isSystemUser = true;
createHome = true;
home = "/var/lib/nut";
homeMode = "750";
hashedPasswordFile = passwordFile;
};
users.nextcloud = {
isNormalUser = true;
extraGroups = [
"jallen-nas"
"nix-apps"
];
hashedPasswordFile = passwordFile;
};
};
}
Reference in New Issue View Git Blame Copy Permalink