48 lines
1.9 KiB
Nix
48 lines
1.9 KiB
Nix
{ config, lib, pkgs, ... }:
|
|
let
|
|
nc = config.nathan.config;
|
|
in
|
|
with lib; {
|
|
config = {
|
|
users = {
|
|
# If we install the user and the system is hardended, then disable mutable users
|
|
mutableUsers = !(nc.installUser && nc.harden);
|
|
# Configure our user, if enabled
|
|
users."${nc.user}" = mkMerge [
|
|
(mkIf nc.installUser
|
|
{
|
|
# Darwin is special
|
|
home = if pkgs.stdenv.isDarwin then "/Users/nathan" else "/home/nathan";
|
|
description = "Nathan McCarty";
|
|
shell = pkgs.fish;
|
|
# Linux specific configuration next
|
|
})
|
|
(mkIf (nc.installUser && pkgs.stdenv.isLinux) {
|
|
isNormalUser = true;
|
|
extraGroups = [ "wheel" "networkmanager" "audio" "docker" "libvirtd" "uinput" "adbusers" "plugdev" ];
|
|
hashedPassword = "$6$ShBAPGwzKZuB7eEv$cbb3erUqtVGFo/Vux9UwT2NkbVG9VGCxJxPiZFYL0DIc3t4GpYxjkM0M7fFnh.6V8MoSKLM/TvOtzdWbYwI58.";
|
|
openssh.authorizedKeys.keys = [
|
|
# yubikey ssh key
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILRs6zVljIlQEZ8F+aEBqqbpeFJwCw3JdveZ8TQWfkev cardno:000615938515"
|
|
# Macbook pro key
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGBfkO7kq37RQMT8UE8zQt/vP4Ub7kizLw6niToJwAIe nathan@Nathans-MacBook-Pro.local"
|
|
# Phone key
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILY7KmG/eFm3hgTx7GBB5jNrV/yryg5C6xcgCxFQhn+o JuiceSSH"
|
|
# Tablet key
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMd+LlxJnluU0xvIMRIz74iypKfcSpQ5/7y2SB4c6SFY JuiceSSH"
|
|
];
|
|
})
|
|
];
|
|
};
|
|
# If we install the user, enable sudo
|
|
security.sudo.enable = mkDefault nc.installUser;
|
|
# If we setup the user, install the shell as well
|
|
environment.systemPackages =
|
|
if nc.installUser then [
|
|
pkgs.fish
|
|
] else [ ];
|
|
# Configure the timezone
|
|
time.timeZone = "America/New_York";
|
|
};
|
|
}
|