61 lines
2.0 KiB
Nix
61 lines
2.0 KiB
Nix
{ config, pkgs, lib, ... }:
|
|
|
|
# installer docs: https://github.com/NixOS/nixpkgs/blob/master/nixos/modules/profiles/installation-device.nix
|
|
{
|
|
# Users are exactly these specified here;
|
|
# old ones will be deleted (from /etc/passwd, etc) upon upgrade.
|
|
users.mutableUsers = false;
|
|
|
|
# docs: https://nixpkgs-manual-sphinx-markedown-example.netlify.app/generated/options-db.xml.html#users-users
|
|
users.users.colin = {
|
|
# sets group to "users" (?)
|
|
isNormalUser = true;
|
|
home = "/home/colin";
|
|
uid = 1000;
|
|
# XXX colin: this is what the installer has, but is it necessary?
|
|
# group = "users";
|
|
extraGroups = [ "wheel" "networkmanager" ];
|
|
initialHashedPassword = "";
|
|
# shell = pkgs.bashInteractive;
|
|
# XXX colin: create ssh key for THIS user by logging in and running:
|
|
# ssh-keygen -t ed25519
|
|
openssh.authorizedKeys.keys = [
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGSDe/y0e9PSeUwYlMPjzhW0UhNsGAGsW3lCG3apxrD5 colin@colin.desktop"
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG+MZ/l5d8g5hbxMB9ed1uyvhV85jwNrSVNVxb5ujQjw colin@colin.laptop"
|
|
];
|
|
};
|
|
|
|
# automatically log in at the virtual consoles.
|
|
# using root here makes sure we always have an escape hatch
|
|
# services.getty.autologinUser = "root";
|
|
|
|
security.sudo = {
|
|
enable = true;
|
|
wheelNeedsPassword = false;
|
|
};
|
|
|
|
services.openssh = {
|
|
enable = true;
|
|
permitRootLogin = "no";
|
|
passwordAuthentication = false;
|
|
};
|
|
|
|
programs.vim.defaultEditor = true;
|
|
|
|
# gitea doesn't create the git user
|
|
# users.users.git = {
|
|
# description = "Gitea Service";
|
|
# home = "/var/lib/gitea";
|
|
# useDefaultShell = true;
|
|
# group = "gitea";
|
|
# isSystemUser = true;
|
|
# # sendmail access (not 100% sure if this is necessary)
|
|
# extraGroups = [ "postdrop" ];
|
|
# };
|
|
|
|
# # this is required to allow pleroma to send email.
|
|
# # raw `sendmail` works, but i think pleroma's passing it some funny flags or something, idk.
|
|
# # hack to fix that.
|
|
# users.users.pleroma.extraGroups = [ "postdrop" ];
|
|
}
|