dotfiles/nixos/users.nix

{ pkgs, keys, inputs, system, ... }:
let
  extraGroups = [
    "audio"
    "adbusers"
    "disk"
    "docker"
    "networkmanager"
    "openrazer"
    "plugdev"
    "syncthing"
    "systemd-journal"
    "video"
  ];
  extraGroupsWithWheel = extraGroups ++ ["wheel"];
  userDefaults = {
    group = "users";
    isNormalUser = true;
    createHome = true;
    shell = pkgs.zsh;
  };
in
{
  security.sudo.wheelNeedsPassword = false;
  users.users = with keys; {
    syncthing = {
      extraGroups = [ "syncthing" "wheel" ];
      home = "/var/lib/syncthing";
      createHome = true;
      openssh.authorizedKeys.keys = [giteaSecret] ++ kanivanKeys;
    };
    ivanm = userDefaults // {
      extraGroups = extraGroupsWithWheel;
      name = "ivanm";
      openssh.authorizedKeys.keys = kanivanKeys;
    };
    imalison = userDefaults // {
      extraGroups = extraGroupsWithWheel;
      name = "imalison";
      openssh.authorizedKeys.keys = kanivanKeys;
    };
    kat = userDefaults // {
      extraGroups = extraGroupsWithWheel;
      name = "kat";
      openssh.authorizedKeys.keys = kanivanKeys;
    };
    dean = userDefaults // {
      extraGroups = extraGroupsWithWheel;
      name = "dean";
      openssh.authorizedKeys.keys = kanivanKeys ++ deanKeys;
    };
    will = userDefaults // {
      extraGroups = extraGroupsWithWheel;
      name = "will";
      openssh.authorizedKeys.keys = kanivanKeys ++ willKeys;
    };
    alex = userDefaults // {
      extraGroups = extraGroupsWithWheel;
      name = "alex";
      openssh.authorizedKeys.keys = kanivanKeys ++ alexKeys;
    };
    loewy = userDefaults // {
      inherit extraGroups;
      name = "loewy";
      openssh.authorizedKeys.keys = kanivanKeys ++ loewyKeys;
    };
    mike = userDefaults // {
      inherit extraGroups;
      name = "mike";
      openssh.authorizedKeys.keys = kanivanKeys ++ mikeKeys;
    };
    andy = userDefaults // {
      inherit extraGroups;
      name = "andy";
      openssh.authorizedKeys.keys = kanivanKeys ++ andyKeys;
    };
    micah = userDefaults // {
      inherit extraGroups;
      name = "micah";
      openssh.authorizedKeys.keys = kanivanKeys ++ micahKeys;
    };
    unprivileged = userDefaults // {
      extraGroups = ["syncthing"];
      name = "unprivileged";
      openssh.authorizedKeys.keys = [giteaSecret] ++ kanivanKeys;
    };
    ben = userDefaults // {
      inherit extraGroups;
      name = "ben";
      openssh.authorizedKeys.keys = benKeys ++ kanivanKeys;
    };
    railbird = userDefaults // {
      inherit extraGroups;
      name = "railbird";
      openssh.authorizedKeys.keys = inputs.railbird-secrets.keys.railbirdDevKeys;
    };
  };

  nix.sshServe = {
    enable = true;
    keys = keys.allKeys;
  };
}
[NixOS] Add railbird user 2024-06-10 16:13:19 -06:00			`{ pkgs, keys, inputs, system, ... }:`
[NixOS] Set up local ssh binary caching 2023-08-22 13:08:31 -06:00			`let`
[NixOS] Add mike and loewy 2023-10-03 14:50:43 -06:00			`extraGroups = [`
			`"audio"`
			`"adbusers"`
			`"disk"`
			`"docker"`
			`"networkmanager"`
			`"openrazer"`
			`"plugdev"`
			`"syncthing"`
			`"systemd-journal"`
			`"video"`
			`];`
			`extraGroupsWithWheel = extraGroups ++ ["wheel"];`
			`userDefaults = {`
			`group = "users";`
			`isNormalUser = true;`
			`createHome = true;`
			`shell = pkgs.zsh;`
			`};`
[NixOS] Set up local ssh binary caching 2023-08-22 13:08:31 -06:00			`in`
			`{`
			`security.sudo.wheelNeedsPassword = false;`
[NixOS] Add mike and loewy 2023-10-03 14:50:43 -06:00			`users.users = with keys; {`
[NixOS] More syncthing 2023-08-03 22:01:56 -06:00			`syncthing = {`
[NixOS] Try to fix syncthings priveleges issues 2023-08-05 19:31:34 -06:00			`extraGroups = [ "syncthing" "wheel" ];`
[NixOS] More syncthing 2023-08-03 22:01:56 -06:00			`home = "/var/lib/syncthing";`
			`createHome = true;`
[NixOS] Make kanivan keys work for syncthing 2024-04-08 01:39:11 -06:00			`openssh.authorizedKeys.keys = [giteaSecret] ++ kanivanKeys;`
[NixOS] More syncthing 2023-08-03 22:01:56 -06:00			`};`
[NixOS] Add strixy-minaj 2024-03-14 18:24:38 -06:00			`ivanm = userDefaults // {`
			`extraGroups = extraGroupsWithWheel;`
			`name = "ivanm";`
			`openssh.authorizedKeys.keys = kanivanKeys;`
			`};`
[NixOS] Share all ssh keys between users 2023-07-28 10:53:50 -06:00			`imalison = userDefaults // {`
[NixOS] Add mike and loewy 2023-10-03 14:50:43 -06:00			`extraGroups = extraGroupsWithWheel;`
[NixOS] Share all ssh keys between users 2023-07-28 10:53:50 -06:00			`name = "imalison";`
[NixOS] Set up local ssh binary caching 2023-08-22 13:08:31 -06:00			`openssh.authorizedKeys.keys = kanivanKeys;`
[NixOS] Add users.nix 2021-07-10 15:27:14 -06:00			`};`
			`kat = userDefaults // {`
[NixOS] Add mike and loewy 2023-10-03 14:50:43 -06:00			`extraGroups = extraGroupsWithWheel;`
[NixOS] Add users.nix 2021-07-10 15:27:14 -06:00			`name = "kat";`
[NixOS] Set up local ssh binary caching 2023-08-22 13:08:31 -06:00			`openssh.authorizedKeys.keys = kanivanKeys;`
[NixOS] Add users.nix 2021-07-10 15:27:14 -06:00			`};`
[NixOS] Add dean user 2023-07-19 12:43:03 -06:00			`dean = userDefaults // {`
[NixOS] Add mike and loewy 2023-10-03 14:50:43 -06:00			`extraGroups = extraGroupsWithWheel;`
[NixOS] Add dean user 2023-07-19 12:43:03 -06:00			`name = "dean";`
[NixOS] Set up local ssh binary caching 2023-08-22 13:08:31 -06:00			`openssh.authorizedKeys.keys = kanivanKeys ++ deanKeys;`
[NixOS] Add dean user 2023-07-19 12:43:03 -06:00			`};`
[NixOS] Add will user 2023-11-17 13:55:22 -07:00			`will = userDefaults // {`
			`extraGroups = extraGroupsWithWheel;`
			`name = "will";`
			`openssh.authorizedKeys.keys = kanivanKeys ++ willKeys;`
			`};`
[NixOS] Add alex user 2023-08-03 15:20:23 -06:00			`alex = userDefaults // {`
[NixOS] Add mike and loewy 2023-10-03 14:50:43 -06:00			`extraGroups = extraGroupsWithWheel;`
[NixOS] Add alex user 2023-08-03 15:20:23 -06:00			`name = "alex";`
[NixOS] Set up local ssh binary caching 2023-08-22 13:08:31 -06:00			`openssh.authorizedKeys.keys = kanivanKeys ++ alexKeys;`
[NixOS] Add alex user 2023-08-03 15:20:23 -06:00			`};`
[NixOS] Add mike and loewy 2023-10-03 14:50:43 -06:00			`loewy = userDefaults // {`
			`inherit extraGroups;`
			`name = "loewy";`
			`openssh.authorizedKeys.keys = kanivanKeys ++ loewyKeys;`
			`};`
			`mike = userDefaults // {`
			`inherit extraGroups;`
			`name = "mike";`
			`openssh.authorizedKeys.keys = kanivanKeys ++ mikeKeys;`
			`};`
[NixOS] Add andy user 2023-11-16 01:48:47 -07:00			`andy = userDefaults // {`
			`inherit extraGroups;`
			`name = "andy";`
			`openssh.authorizedKeys.keys = kanivanKeys ++ andyKeys;`
			`};`
[NixOS] Add micah 2023-12-20 14:30:21 -07:00			`micah = userDefaults // {`
			`inherit extraGroups;`
			`name = "micah";`
			`openssh.authorizedKeys.keys = kanivanKeys ++ micahKeys;`
			`};`
[NixOS] Typo 2024-04-08 01:47:07 -06:00			`unprivileged = userDefaults // {`
[NixOS] Add unpriveleged 2024-04-08 01:46:22 -06:00			`extraGroups = ["syncthing"];`
[NixOS] Typo 2024-04-08 01:47:07 -06:00			`name = "unprivileged";`
[NixOS] Add unpriveleged 2024-04-08 01:46:22 -06:00			`openssh.authorizedKeys.keys = [giteaSecret] ++ kanivanKeys;`
			`};`
Add ben to realUsers, users.nix; key to keys.nix. zsh now default?? uhh paste contents of .profile into .zprofile I guess? 2024-05-25 07:53:45 -06:00			`ben = userDefaults // {`
			`inherit extraGroups;`
			`name = "ben";`
			`openssh.authorizedKeys.keys = benKeys ++ kanivanKeys;`
			`};`
[NixOS] Add railbird user 2024-06-10 16:13:19 -06:00			`railbird = userDefaults // {`
			`inherit extraGroups;`
			`name = "railbird";`
[NixOS] Allow dev keys for railbird user 2024-06-11 16:36:47 -06:00			`openssh.authorizedKeys.keys = inputs.railbird-secrets.keys.railbirdDevKeys;`
[NixOS] Add railbird user 2024-06-10 16:13:19 -06:00			`};`
[NixOS] Add users.nix 2021-07-10 15:27:14 -06:00			`};`

[NixOS] Set up local ssh binary caching 2023-08-22 13:08:31 -06:00			`nix.sshServe = {`
			`enable = true;`
[NixOS] Add mike and loewy 2023-10-03 14:50:43 -06:00			`keys = keys.allKeys;`
[NixOS] Set up local ssh binary caching 2023-08-22 13:08:31 -06:00			`};`
[NixOS] Add users.nix 2021-07-10 15:27:14 -06:00			`}`