94 lines
2.3 KiB
Nix
94 lines
2.3 KiB
Nix
{
|
|
pkgs,
|
|
lib,
|
|
config,
|
|
flake,
|
|
...
|
|
}: let
|
|
cfg = config.users.custom.malte;
|
|
in {
|
|
options.users.custom.malte = with lib; {
|
|
enable = mkEnableOption "user 'malte' on this machine";
|
|
steamDeck = mkEnableOption "steam deck options";
|
|
};
|
|
|
|
config = lib.mkIf cfg.enable {
|
|
users.users.malte = {
|
|
description = "Malte Tammena";
|
|
hashedPassword = "$6$zqEC2iJJ98Ne$lRERO30msyjJm7oJCqRD/xj3NIm4De37gD.VUzfg7aceosE/6S6eNAaruIakgUtSC970MHRPoNlCEy1RoFuyh.";
|
|
isNormalUser = true;
|
|
extraGroups = [
|
|
"wheel"
|
|
"networkmanager"
|
|
"video"
|
|
"render"
|
|
"lp"
|
|
"kvm"
|
|
"libvirtd"
|
|
"podman"
|
|
"corectrl"
|
|
"scanner"
|
|
"input"
|
|
"adbusers"
|
|
config.users.groups.keys.name
|
|
];
|
|
# Yes, use the best, please
|
|
shell = pkgs.fish;
|
|
# Allow my yubikey everywhere
|
|
openssh.authorizedKeys.keyFiles = [../users/malte/yubikey.pub];
|
|
};
|
|
|
|
home-manager.users.malte.imports = [../users/malte/home.nix flake.inputs.nix-colors.homeManagerModule flake.inputs.hyprland.homeManagerModules.default];
|
|
programs.fish.enable = true;
|
|
services.darkman.enable = !cfg.steamDeck;
|
|
|
|
services.udev.packages = lib.optionals cfg.steamDeck [
|
|
pkgs.android-udev-rules
|
|
];
|
|
|
|
# TODO: Remove after switching occupation
|
|
services.clamav.daemon.enable = !cfg.steamDeck;
|
|
services.clamav.updater.enable = !cfg.steamDeck;
|
|
|
|
services.flatpak.enable = true;
|
|
|
|
sops.secrets = let
|
|
sopsFile = ../secrets/users/malte/secrets.yaml;
|
|
owner = "malte";
|
|
mode = "0400";
|
|
in {
|
|
restic-backup-malte = {
|
|
inherit sopsFile owner mode;
|
|
key = "restic-backup";
|
|
};
|
|
radicale-password = {
|
|
inherit sopsFile owner mode;
|
|
};
|
|
taskserver-private-key = {
|
|
inherit sopsFile owner mode;
|
|
};
|
|
taskserver-certificate = {
|
|
inherit sopsFile owner mode;
|
|
};
|
|
taskserver-ca-certificate = {
|
|
inherit sopsFile owner mode;
|
|
};
|
|
pw-mail-pm = {
|
|
inherit sopsFile owner mode;
|
|
};
|
|
pw-mail-uni = {
|
|
inherit sopsFile owner mode;
|
|
};
|
|
pw-mail-gmx = {
|
|
inherit sopsFile owner mode;
|
|
};
|
|
pw-mail-schulverwalter = {
|
|
inherit sopsFile owner mode;
|
|
};
|
|
sftp-key = {
|
|
inherit sopsFile owner mode;
|
|
};
|
|
};
|
|
};
|
|
}
|