2024-06-10 16:13:19 -06:00
|
|
|
{ pkgs, keys, inputs, system, ... }:
|
2023-08-22 13:08:31 -06:00
|
|
|
let
|
2023-10-03 14:50:43 -06:00
|
|
|
extraGroups = [
|
|
|
|
"audio"
|
|
|
|
"adbusers"
|
|
|
|
"disk"
|
|
|
|
"docker"
|
|
|
|
"networkmanager"
|
|
|
|
"openrazer"
|
|
|
|
"plugdev"
|
|
|
|
"syncthing"
|
|
|
|
"systemd-journal"
|
|
|
|
"video"
|
|
|
|
];
|
|
|
|
extraGroupsWithWheel = extraGroups ++ ["wheel"];
|
|
|
|
userDefaults = {
|
|
|
|
group = "users";
|
|
|
|
isNormalUser = true;
|
|
|
|
createHome = true;
|
|
|
|
shell = pkgs.zsh;
|
|
|
|
};
|
2023-08-22 13:08:31 -06:00
|
|
|
in
|
|
|
|
{
|
|
|
|
security.sudo.wheelNeedsPassword = false;
|
2023-10-03 14:50:43 -06:00
|
|
|
users.users = with keys; {
|
2023-08-03 22:01:56 -06:00
|
|
|
syncthing = {
|
2023-08-05 19:31:34 -06:00
|
|
|
extraGroups = [ "syncthing" "wheel" ];
|
2023-08-03 22:01:56 -06:00
|
|
|
home = "/var/lib/syncthing";
|
|
|
|
createHome = true;
|
2024-04-08 01:39:11 -06:00
|
|
|
openssh.authorizedKeys.keys = [giteaSecret] ++ kanivanKeys;
|
2023-08-03 22:01:56 -06:00
|
|
|
};
|
2024-03-14 18:24:38 -06:00
|
|
|
ivanm = userDefaults // {
|
|
|
|
extraGroups = extraGroupsWithWheel;
|
|
|
|
name = "ivanm";
|
|
|
|
openssh.authorizedKeys.keys = kanivanKeys;
|
|
|
|
};
|
2023-07-28 10:53:50 -06:00
|
|
|
imalison = userDefaults // {
|
2023-10-03 14:50:43 -06:00
|
|
|
extraGroups = extraGroupsWithWheel;
|
2023-07-28 10:53:50 -06:00
|
|
|
name = "imalison";
|
2023-08-22 13:08:31 -06:00
|
|
|
openssh.authorizedKeys.keys = kanivanKeys;
|
2021-07-10 15:27:14 -06:00
|
|
|
};
|
|
|
|
kat = userDefaults // {
|
2023-10-03 14:50:43 -06:00
|
|
|
extraGroups = extraGroupsWithWheel;
|
2021-07-10 15:27:14 -06:00
|
|
|
name = "kat";
|
2023-08-22 13:08:31 -06:00
|
|
|
openssh.authorizedKeys.keys = kanivanKeys;
|
2021-07-10 15:27:14 -06:00
|
|
|
};
|
2023-07-19 12:43:03 -06:00
|
|
|
dean = userDefaults // {
|
2023-10-03 14:50:43 -06:00
|
|
|
extraGroups = extraGroupsWithWheel;
|
2023-07-19 12:43:03 -06:00
|
|
|
name = "dean";
|
2023-08-22 13:08:31 -06:00
|
|
|
openssh.authorizedKeys.keys = kanivanKeys ++ deanKeys;
|
2023-07-19 12:43:03 -06:00
|
|
|
};
|
2023-11-17 13:55:22 -07:00
|
|
|
will = userDefaults // {
|
|
|
|
extraGroups = extraGroupsWithWheel;
|
|
|
|
name = "will";
|
|
|
|
openssh.authorizedKeys.keys = kanivanKeys ++ willKeys;
|
|
|
|
};
|
2023-08-03 15:20:23 -06:00
|
|
|
alex = userDefaults // {
|
2023-10-03 14:50:43 -06:00
|
|
|
extraGroups = extraGroupsWithWheel;
|
2023-08-03 15:20:23 -06:00
|
|
|
name = "alex";
|
2023-08-22 13:08:31 -06:00
|
|
|
openssh.authorizedKeys.keys = kanivanKeys ++ alexKeys;
|
2023-08-03 15:20:23 -06:00
|
|
|
};
|
2023-10-03 14:50:43 -06:00
|
|
|
loewy = userDefaults // {
|
|
|
|
inherit extraGroups;
|
|
|
|
name = "loewy";
|
|
|
|
openssh.authorizedKeys.keys = kanivanKeys ++ loewyKeys;
|
|
|
|
};
|
|
|
|
mike = userDefaults // {
|
|
|
|
inherit extraGroups;
|
|
|
|
name = "mike";
|
|
|
|
openssh.authorizedKeys.keys = kanivanKeys ++ mikeKeys;
|
|
|
|
};
|
2023-11-16 01:48:47 -07:00
|
|
|
andy = userDefaults // {
|
|
|
|
inherit extraGroups;
|
|
|
|
name = "andy";
|
|
|
|
openssh.authorizedKeys.keys = kanivanKeys ++ andyKeys;
|
|
|
|
};
|
2023-12-20 14:30:21 -07:00
|
|
|
micah = userDefaults // {
|
|
|
|
inherit extraGroups;
|
|
|
|
name = "micah";
|
|
|
|
openssh.authorizedKeys.keys = kanivanKeys ++ micahKeys;
|
|
|
|
};
|
2024-04-08 01:47:07 -06:00
|
|
|
unprivileged = userDefaults // {
|
2024-04-08 01:46:22 -06:00
|
|
|
extraGroups = ["syncthing"];
|
2024-04-08 01:47:07 -06:00
|
|
|
name = "unprivileged";
|
2024-04-08 01:46:22 -06:00
|
|
|
openssh.authorizedKeys.keys = [giteaSecret] ++ kanivanKeys;
|
|
|
|
};
|
2024-05-25 07:53:45 -06:00
|
|
|
ben = userDefaults // {
|
|
|
|
inherit extraGroups;
|
|
|
|
name = "ben";
|
|
|
|
openssh.authorizedKeys.keys = benKeys ++ kanivanKeys;
|
|
|
|
};
|
2024-06-10 16:13:19 -06:00
|
|
|
railbird = userDefaults // {
|
|
|
|
inherit extraGroups;
|
|
|
|
name = "railbird";
|
|
|
|
openssh.authorizedKeys.keys = inputs.railbird-secrets.keys.railbirdAdminKeys;
|
|
|
|
};
|
2021-07-10 15:27:14 -06:00
|
|
|
};
|
|
|
|
|
2023-08-22 13:08:31 -06:00
|
|
|
nix.sshServe = {
|
|
|
|
enable = true;
|
2023-10-03 14:50:43 -06:00
|
|
|
keys = keys.allKeys;
|
2023-08-22 13:08:31 -06:00
|
|
|
};
|
2021-07-10 15:27:14 -06:00
|
|
|
}
|