swarsel/.dotfiles
1
0
Fork 0
mirror of https://github.com/Swarsel/.dotfiles.git synced 2025-12-06 09:07:21 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat: improve emergency access

Browse source
This commit is contained in:
Leon Schwarzäugl 2025-07-22 21:27:13 +02:00
parent 8c998fd2cc
commit 6fb15c9fe0
Signed by: swarsel
GPG key ID: 26A54C31F2A4FD84
12 changed files with 142 additions and 49 deletions
Download patch file Download diff file Expand all files Collapse all files

22
modules/nixos/common/users.nix
View file

@ -1,4 +1,4 @@
{ self, pkgs, config, lib, minimal, ... }:
{ self, pkgs, config, lib, globals, minimal, ... }:
let
sopsFile = self + /secrets/general/secrets.yaml;
in
@ -9,13 +9,19 @@ in
users = {
mutableUsers = lib.mkIf (!minimal) false;
users."${config.swarselsystems.mainUser}" = {
isNormalUser = true;
description = "Leon S";
password = lib.mkIf (minimal || config.swarselsystems.isPublic) "setup";
hashedPasswordFile = lib.mkIf (!minimal && !config.swarselsystems.isPublic) config.sops.secrets.main-user-hashed-pw.path;
extraGroups = [ "wheel" ] ++ lib.optionals (!minimal) [ "networkmanager" "syncthing" "docker" "lp" "audio" "video" "vboxusers" "libvirtd" "scanner" ];
packages = with pkgs; [ ];
users = {
root = {
inherit (globals.root) hashedPassword;
shell = pkgs.zsh;
};
"${config.swarselsystems.mainUser}" = {
isNormalUser = true;
description = "Leon S";
password = lib.mkIf (minimal || config.swarselsystems.isPublic) "setup";
hashedPasswordFile = lib.mkIf (!minimal && !config.swarselsystems.isPublic) config.sops.secrets.main-user-hashed-pw.path;
extraGroups = [ "wheel" ] ++ lib.optionals (!minimal) [ "networkmanager" "syncthing" "docker" "lp" "audio" "video" "vboxusers" "libvirtd" "scanner" ];
packages = with pkgs; [ ];
};
};
};
};