{ config, lib, pkgs, ... }:
with lib;
let
# Build the `users.users` entry (as a name/value pair for listToAttrs) for one
# administrator; `user` must provide `name` and `id`.
administrators = user:
  let
    svc = config.services;
    login = user.name;

    # Per-user credential base path: passwordFile is pointed at this path and
    # the SSH public key is expected next to it with a ".pub" suffix.
    # NOTE(review): if machine.secretPath is ever set to a Nix path value
    # rather than a string, this interpolation copies it into the
    # world-readable Nix store; confirm the option only holds a string.
    credPath = "${config.machine.secretPath}/${login}";
    pubKeyPath = "${credPath}.pub";

    # pathExists runs at evaluation time, so a key file that is missing on the
    # evaluating host yields an empty key list without any error.
    installKey = svc.openssh.enable && (builtins.pathExists pubKeyPath);

    baseGroups = [ "audio" "wheel" "network" ];
    displayGroups = if svc.xserver.enable then [ "input" "video" ] else [ ];
    printGroups = if svc.printing.enable then [ "cups" "lp" ] else [ ];
    # Membership in the docker group gives control of the Docker daemon, which
    # is root-equivalent and is not gated by sudo.
    dockerGroups =
      if config.virtualisation.docker.enable then [ "docker" ] else [ ];
  in {
    name = login;
    value = {
      isNormalUser = true;
      name = login;
      uid = user.id;
      home = builtins.toPath "/home/${login}";
      createHome = true;
      description = "Administrative user ${login}.";
      # Primary group is the per-user group of the same name.
      group = login;
      extraGroups = baseGroups ++ displayGroups ++ printGroups ++ dockerGroups;
      shell = "${pkgs.zsh}/bin/zsh";
      # NOTE(review): newer NixOS releases name this option
      # hashedPasswordFile; check which name the targeted release expects.
      passwordFile = credPath;
      openssh.authorizedKeys.keyFiles =
        if installKey then [ pubKeyPath ] else [ ];
    };
  };
# Build the `users.groups` entry (as a name/value pair for listToAttrs) for one
# administrator: a group named after the user, with gid equal to the user's id
# and the user as its only member.
mkusergroup = user:
  let
    groupName = user.name;
  in {
    name = groupName;
    value = {
      name = groupName;
      gid = user.id;
      members = [ groupName ];
    };
  };
in {
  # Accounts are declared only here: with mutableUsers disabled, users and
  # groups changed imperatively (useradd, passwd, ...) are not kept, so the
  # credential files referenced per user are the only source of passwords.
  users.mutableUsers = false;

  # One user and one same-named group per entry of machine.administrators.
  users.users = listToAttrs (map administrators config.machine.administrators);
  users.groups = listToAttrs (map mkusergroup config.machine.administrators);
}