# Base user/system module: enables polkit and fish, optionally declares the
# primary user (`nc.user`) with its groups, password hash and SSH keys, marks
# that user as a trusted Nix user, and optionally mounts a tmpfs at ~/.tmp.
# Everything user-related is gated on `nc.installUser`.
{ config, lib, pkgs, ... }:
let
  # Shorthand for this configuration's own option tree.
  nc = config.nathan.config;
  # Attribute set read from the repo; only `ssh.list` is used below.
  ssh = import ../../info/ssh-keys.nix;
in
with lib; {
  config = mkMerge [
    {
      security.polkit = {
        enable = true;
        # TODO: Refine the wheel branch to only include necessary actions
        # NOTE(review): as written, the disabled rule below would answer YES to
        # every polkit action for any member of "wheel", with no
        # authentication prompt. If it is re-enabled, filter on the action id
        # first so only the intended actions are auto-approved.
        # extraConfig = ''
        #   polkit.addRule(function(action, subject) {
        #     if (subject.isInGroup("wheel"))
        #       {
        #         return polkit.Result.YES;
        #       }
        #   })
        # '';
      };
      programs.fish.enable = true;
      users = {
        # When the user is installed declaratively, accounts become immutable:
        # the password hash and groups declared here are the only source of
        # truth and imperative changes (passwd, useradd) are not kept.
        mutableUsers = !nc.installUser;
        # Configure our user, if enabled
        users."${nc.user}" = mkMerge [
          (mkIf nc.installUser {
            # Darwin is special
            home = if pkgs.stdenv.isDarwin then "/Users/${nc.user}" else "/home/${nc.user}";
            description = "Nathan McCarty";
            shell = pkgs.fish;
            # Linux specific configuration next
          })
          (mkIf (nc.installUser && pkgs.stdenv.isLinux) {
            isNormalUser = true;
            # "wheel" is the sudo/admin group. Membership in "docker" and
            # "libvirtd" is generally root-equivalent as well (control of the
            # daemon socket), so this account should be treated as fully
            # privileged even without sudo.
            extraGroups = [
              "wheel"
              "networkmanager"
              "audio"
              "docker"
              "libvirtd"
              "uinput"
              "adbusers"
              "plugdev"
            ];
            # NOTE(review): this SHA-512 crypt hash is committed with the
            # configuration and is copied into the world-readable Nix store, so
            # it is exposed to every local user and to anyone with the repo,
            # and can be attacked offline. Prefer `hashedPasswordFile` pointing
            # at a file provisioned outside the store (e.g. by a secrets
            # manager), and rotate this password if the repo is public.
            hashedPassword = "$6$ShBAPGwzKZuB7eEv$cbb3erUqtVGFo/Vux9UwT2NkbVG9VGCxJxPiZFYL0DIc3t4GpYxjkM0M7fFnh.6V8MoSKLM/TvOtzdWbYwI58.";
            # Every key in ../../info/ssh-keys.nix can log in as this
            # wheel-group user; keep that list minimal and reviewed.
            openssh.authorizedKeys.keys = ssh.list;
          })
        ];
      };
      # If we install the user, enable sudo
      # (mkDefault, so another module can still override this)
      security.sudo.enable = mkDefault nc.installUser;
      # If we install the user, make them trusted
      # NOTE(review): a trusted Nix user can direct the daemon in ways that are
      # effectively root access; this is a privilege grant, not a convenience
      # flag.
      nix.settings.trusted-users = if nc.installUser then [ "${nc.user}" ] else [ ];
      # If we setup the user, install the shell as well
      environment.systemPackages = if nc.installUser then [ pkgs.fish ] else [ ];
      # Configure the timezone
      time.timeZone = "America/New_York";
    }
    # NOTE(review): unlike the other user settings this branch is not gated on
    # nc.installUser, so it defines users.users.<nc.user> even when the user is
    # not installed by this module; confirm that is intended. "libvirtd" is
    # also already present in the Linux extraGroups list above.
    (mkIf config.nathan.hardware.amdPassthrough {
      users.users."${nc.user}".extraGroups = [ "libvirtd" ];
    })
    # Per-user scratch space in RAM, private to the owner (mode 700).
    (mkIf (nc.homeTmpfs && nc.installUser) {
      fileSystems."/home/${nc.user}/.tmp" = {
        fsType = "tmpfs";
        # assumes nc.userUid is a string (it is interpolated directly) and
        # that gid 100 is the `users` group; TODO confirm.
        # NOTE(review): no size= is set, so the kernel default limit applies;
        # consider adding size=, nosuid and nodev for a user-writable mount.
        options = [ "mode=700" "uid=${nc.userUid}" "gid=100" ];
      };
    })
  ];
}