nixos/machines/core/users.nix

{ config, ... }:
{
  sops.secrets."users/felix/password".neededForUsers = true;
  sops.secrets."users/felix/password" = { };

  users.users.felix = {
    isNormalUser = true;
    home = "/home/felix";
    group = "felix";
    extraGroups = [
      "adbusers" # adb control
      "audio" # sound control
      "cdrom" # emulate cds
      "dialout" # serial-console
      "docker" # usage of `docker` socket
      "input" # mouse control
      "libvirtd" # kvm control
      "networkmanager" # wireless configuration
      "podman" # usage of `podman` socket
      "seat" # access to input devices
      "video" # screen control
      "wheel" # `sudo` for the user.
    ];
    hashedPasswordFile = config.sops.secrets."users/felix/password".path;
    openssh.authorizedKeys.keys = [
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOFx6OLwL9MbkD3mnMsv+xrzZHN/rwCTgVs758SCLG0h felix@thinkman"
      "no-touch-required sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIHhjrfqyOS+M9ATSTVr9JXPERBXOow/ZmkWICjbtbEgXAAAAFHNzaDpmZWxpeC1wZXJzb25hbC0x ssh:felix-personal-1"
      "no-touch-required sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIMHExVOrEevQ+bwrrW3cXCO7Y/SyA+7wG+b6ZvAWY4MJAAAAFHNzaDpmZWxpeC1wZXJzb25hbC0y ssh:felix-personal-2"
    ];
  };

  users.groups.felix = {
    gid = 1000;
  };
}
treewide: fix deadnix errors 2023-11-07 22:00:00 +01:00			`{ config, ... }:`
initial commit 2020-11-16 21:14:46 +01:00			`{`
users: update secrets path 2022-11-30 14:59:18 +01:00			`sops.secrets."users/felix/password".neededForUsers = true;`
			`sops.secrets."users/felix/password" = { };`
flake: update nix 2022-06-06 11:47:50 +02:00
initial commit 2020-11-16 21:14:46 +01:00			`users.users.felix = {`
			`isNormalUser = true;`
			`home = "/home/felix";`
			`group = "felix";`
			`extraGroups = [`
core/users: add podman and rearange 2022-12-05 22:54:25 +01:00			`"adbusers" # adb control`
			`"audio" # sound control`
core/user: add cdrom group 2025-02-17 20:31:41 +01:00			`"cdrom" # emulate cds`
core/users: add podman and rearange 2022-12-05 22:54:25 +01:00			`"dialout" # serial-console`
			"docker" # usage of `docker` socket
			`"input" # mouse control`
			`"libvirtd" # kvm control`
			`"networkmanager" # wireless configuration`
			"podman" # usage of `podman` socket
profile/sway: enable seatd 2025-05-08 21:38:02 +02:00			`"seat" # access to input devices`
core/users: add podman and rearange 2022-12-05 22:54:25 +01:00			`"video" # screen control`
			"wheel" # `sudo` for the user.
initial commit 2020-11-16 21:14:46 +01:00			`];`
machine/users: use hashedPasswordFile 2023-11-13 23:42:40 +01:00			`hashedPasswordFile = config.sops.secrets."users/felix/password".path;`
core/user: add ssh-key from yubikeys 2024-01-18 22:40:07 +01:00			`openssh.authorizedKeys.keys = [`
			`"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOFx6OLwL9MbkD3mnMsv+xrzZHN/rwCTgVs758SCLG0h felix@thinkman"`
			`"no-touch-required sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIHhjrfqyOS+M9ATSTVr9JXPERBXOow/ZmkWICjbtbEgXAAAAFHNzaDpmZWxpeC1wZXJzb25hbC0x ssh:felix-personal-1"`
			`"no-touch-required sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIMHExVOrEevQ+bwrrW3cXCO7Y/SyA+7wG+b6ZvAWY4MJAAAAFHNzaDpmZWxpeC1wZXJzb25hbC0y ssh:felix-personal-2"`
			`];`
initial commit 2020-11-16 21:14:46 +01:00			`};`

			`users.groups.felix = {`
			`gid = 1000;`
			`};`
			`}`