{ pkgs, lib, config, inputs, ... }: let cfg = config.users.custom.malte; in { options.users.custom.malte = with lib; { enable = mkEnableOption "user 'malte' on this machine"; }; config = lib.mkIf cfg.enable { users.users.malte = { description = "Malte Tammena"; hashedPassword = "$6$zqEC2iJJ98Ne$lRERO30msyjJm7oJCqRD/xj3NIm4De37gD.VUzfg7aceosE/6S6eNAaruIakgUtSC970MHRPoNlCEy1RoFuyh."; isNormalUser = true; extraGroups = [ "wheel" "networkmanager" "video" "render" "lp" "kvm" "libvirtd" "podman" "corectrl" "scanner" "input" "adbusers" config.users.groups.keys.name ]; # Yes, use the best, please shell = pkgs.fish; # Allow my yubikey everywhere openssh.authorizedKeys.keyFiles = [../users/malte/yubikey.pub]; }; home-manager.users.malte.imports = [../users/malte/home.nix inputs.nix-colors.homeManagerModule inputs.hyprland.homeManagerModules.default]; programs.fish.enable = true; services.darkman.enable = true; services.udev.packages = [ pkgs.android-udev-rules ]; # TODO: Remove after switching occupation services.clamav.daemon.enable = true; services.clamav.updater.enable = true; services.flatpak.enable = true; programs.hyprland = { enable = true; xwayland = { enable = true; }; enableNvidiaPatches = config.settings.nvidiaUsed; }; sops.secrets = let sopsFile = ../secrets/users/malte/secrets.yaml; owner = "malte"; mode = "0400"; in { restic-backup-malte = { inherit sopsFile owner mode; key = "restic-backup"; }; radicale-password = { inherit sopsFile owner mode; }; taskserver-private-key = { inherit sopsFile owner mode; }; taskserver-certificate = { inherit sopsFile owner mode; }; taskserver-ca-certificate = { inherit sopsFile owner mode; }; pw-mail-pm = { inherit sopsFile owner mode; }; pw-mail-uni = { inherit sopsFile owner mode; }; pw-mail-gmx = { inherit sopsFile owner mode; }; pw-mail-schulverwalter = { inherit sopsFile owner mode; }; sftp-key = { inherit sopsFile owner mode; }; }; }; }