37 lines
728 B
Nix
37 lines
728 B
Nix
{
|
|
config,
|
|
pkgs,
|
|
...
|
|
}:
|
|
{
|
|
sops.secrets."user/password" = {
|
|
neededForUsers = true;
|
|
sopsFile = ./secrets/home.yaml;
|
|
};
|
|
sops.secrets."root/password" = {
|
|
neededForUsers = true;
|
|
sopsFile = ./secrets/home.yaml;
|
|
};
|
|
users = {
|
|
mutableUsers = false;
|
|
|
|
users = {
|
|
root = {
|
|
homeMode = "700";
|
|
hashedPasswordFile = config.sops.secrets."root/password".path;
|
|
};
|
|
user = {
|
|
uid = 1000;
|
|
homeMode = "700";
|
|
shell = pkgs.fish;
|
|
isNormalUser = true;
|
|
group = "user";
|
|
extraGroups = [ "libvirt" ];
|
|
hashedPasswordFile = config.sops.secrets."user/password".path;
|
|
};
|
|
};
|
|
groups = {
|
|
user.gid = 1000;
|
|
};
|
|
};
|
|
}
|