{ pkgs, lib, config, flake, ... }: let cfg = config.users.custom.malte; in { options.users.custom.malte = with lib; { enable = mkEnableOption "Enable user 'malte' on this machine"; }; config = lib.mkIf cfg.enable { users.users.malte = { description = "Malte Tammena"; hashedPassword = "$6$zqEC2iJJ98Ne$lRERO30msyjJm7oJCqRD/xj3NIm4De37gD.VUzfg7aceosE/6S6eNAaruIakgUtSC970MHRPoNlCEy1RoFuyh."; isNormalUser = true; extraGroups = [ "wheel" "networkmanager" "video" "lp" "kvm" "libvirtd" "podman" "corectrl" "scanner" "input" "adbusers" config.users.groups.keys.name ]; # Yes, use the best, please shell = pkgs.fish; }; home-manager.users.malte.imports = [../users/malte/home.nix flake.inputs.nix-colors.homeManagerModule]; programs.fish.enable = true; services.darkman.enable = true; services.udev.packages = [ pkgs.android-udev-rules ]; sops.secrets = let sopsFile = ../secrets/users/malte/secrets.yaml; owner = "malte"; mode = "0400"; in { restic-backup-malte = { inherit sopsFile owner mode; key = "restic-backup"; }; radicale-password = { inherit sopsFile owner mode; }; taskserver-private-key = { inherit sopsFile owner mode; }; taskserver-certificate = { inherit sopsFile owner mode; }; taskserver-ca-certificate = { inherit sopsFile owner mode; }; pw-mail-pm = { inherit sopsFile owner mode; }; pw-mail-uni = { inherit sopsFile owner mode; }; pw-mail-gmx = { inherit sopsFile owner mode; }; pw-mail-schulverwalter = { inherit sopsFile owner mode; }; }; }; }