# Module for the primary user account: login shell, group membership, SSH keys,
# sudo/polkit, Nix daemon trust, timezone and an optional per-user tmpfs.
# Everything user-related is gated on the `nathan.config` options.
{ config, lib, pkgs, ... }:
let
  # Shorthand for this configuration's own option tree.
  nc = config.nathan.config;
  # Imported from the repository; only `ssh.list` is consumed below.
  ssh = import ../../info/ssh-keys.nix;
  inherit (pkgs.stdenv) isDarwin isLinux;
in with lib; {
  config = mkMerge [
    {
      security.polkit.enable = true;
      # TODO: Refine the wheel branch to only include necessary actions.
      # NOTE(review): the disabled rule below returns YES for every polkit
      # action requested by any member of "wheel", i.e. no authentication
      # prompt at all. Keep it disabled until it matches specific action ids.
      # security.polkit.extraConfig = ''
      #   polkit.addRule(function(action, subject) {
      #     if (subject.isInGroup("wheel"))
      #     {
      #       return polkit.Result.YES;
      #     }
      #   })
      # '';

      # fish must be a registered shell before it can be a login shell.
      environment.shells = [ pkgs.fish ];

      users = {
        # When the user is declared here, accounts are fully declarative:
        # changes made with passwd/useradd do not survive a rebuild, so the
        # password can only be rotated by changing this configuration.
        mutableUsers = !nc.installUser;

        # Configure our user, if enabled
        users."${nc.user}" = mkMerge [
          # Settings shared by every platform.
          (mkIf nc.installUser {
            # Darwin keeps home directories under /Users rather than /home.
            home = "${if isDarwin then "/Users" else "/home"}/${nc.user}";
            description = "Nathan McCarty";
            shell = pkgs.fish;
          })

          # Linux specific configuration
          (mkIf (nc.installUser && isLinux) {
            isNormalUser = true;
            # NOTE(review): "wheel" (sudo) and "docker" are both effectively
            # root-equivalent; "libvirtd" and "uinput" also grant broad control
            # over VMs and input devices. Trim to what each host needs.
            extraGroups = [
              "wheel"
              "networkmanager"
              "audio"
              "docker"
              "libvirtd"
              "uinput"
              "adbusers"
              "plugdev"
            ];
            # SHA-512 crypt ($6$) hash.
            # NOTE(review): the hash is committed to the repository and is
            # copied into the world-readable Nix store, so it is exposed to
            # offline guessing. Prefer `hashedPasswordFile` pointing at a
            # secret kept outside the store, and rotate this password.
            hashedPassword =
              "$6$ShBAPGwzKZuB7eEv$cbb3erUqtVGFo/Vux9UwT2NkbVG9VGCxJxPiZFYL0DIc3t4GpYxjkM0M7fFnh.6V8MoSKLM/TvOtzdWbYwI58.";
            # Every key in ssh.list can log in as this (wheel) user; audit that
            # list whenever a device is retired.
            openssh.authorizedKeys.keys = ssh.list;
          })
        ];
      };

      # If we install the user, enable sudo (mkDefault: hosts may override).
      security.sudo.enable = mkDefault nc.installUser;

      # If we install the user, make them trusted.
      # NOTE(review): a trusted user can direct the Nix daemon to use arbitrary
      # substituters and settings, which is effectively root on this machine.
      nix.settings.trusted-users = optional nc.installUser "${nc.user}";

      # If we set up the user, install the shell as well
      environment.systemPackages = optional nc.installUser pkgs.fish;

      # Configure the timezone
      time.timeZone = "America/New_York";
    }

    # GPU passthrough hosts need the user in libvirtd even when the Linux user
    # block above is not active.
    (mkIf config.nathan.hardware.amdPassthrough {
      users.users."${nc.user}".extraGroups = [ "libvirtd" ];
    })

    # Optional RAM-backed scratch directory, private to the user (mode 700).
    # NOTE(review): no `size=` is given, so the kernel default limit applies,
    # and `nosuid`/`nodev` are not set; consider adding all three. gid 100 is
    # presumably the `users` group, and nc.userUid must interpolate as a
    # string here (confirm against the option's declared type).
    (mkIf (nc.homeTmpfs && nc.installUser) {
      fileSystems."/home/${nc.user}/.tmp" = {
        fsType = "tmpfs";
        options = [ "mode=700" "uid=${nc.userUid}" "gid=100" ];
      };
    })
  ];
}