about summary refs log tree commit diff stats
path: root/modules/by-name/us/users
diff options
context:
space:
mode:
Diffstat (limited to 'modules/by-name/us/users')
-rw-r--r--modules/by-name/us/users/module.nix50
1 files changed, 50 insertions, 0 deletions
diff --git a/modules/by-name/us/users/module.nix b/modules/by-name/us/users/module.nix
new file mode 100644
index 00000000..a44df7e8
--- /dev/null
+++ b/modules/by-name/us/users/module.nix
@@ -0,0 +1,50 @@
+{
+  config,
+  pkgs,
+  lib,
+  ...
+}: let
+  cfg = config.soispha.users;
+in {
+  options.soispha.users = {
+    enable = lib.mkEnableOption "user set-up for soispha";
+    hashedPassword = lib.mkOption {
+      type = lib.types.str;
+      example = lib.literalExpression "$y$jFT$ONrCqZIJKB7engmfA4orD/$0GO58/wV5wrYWj0cyONhyujZPjFmbT0XKtx2AvXLG0B";
+      description = "The hashed password of the user";
+    };
+    groups = lib.mkOption {
+      type = lib.types.listOf lib.types.str;
+      default = ["wheel"];
+      description = "The groups the soispha user should be part of";
+    };
+
+    # Although deprecated, this helps with old udev rules, that still use this group.
+    # TODO: Try to find a way to remove this option (i.e. set it always to false).
+    enableDeprecatedPlugdev = lib.mkEnableOption "the deprecated plugdev group for the user";
+  };
+
+  config = lib.mkIf cfg.enable {
+    # Ensure that the default shell of the user is actually enabled.
+    programs.zsh.enable = true;
+
+    users = {
+      mutableUsers = false;
+
+      users.soispha = {
+        isNormalUser = true;
+        home = "/home/soispha";
+        createHome = true;
+        shell = pkgs.zsh;
+        initialHashedPassword = cfg.hashedPassword;
+        extraGroups = cfg.groups ++ lib.optional cfg.enableDeprecatedPlugdev "plugdev";
+
+        uid = 1000;
+        openssh.authorizedKeys.keys = [
+          # TODO: This should be parameterized. <2024-05-16>
+          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIME4ZVa+IoZf6T3U08JG93i6QIAJ4amm7mkBzO14JSkz"
+        ];
+      };
+    };
+  };
+}