diff --git a/lib/mkHost.nix b/lib/mkHost.nix index efd2078..f3c4bb3 100644 --- a/lib/mkHost.nix +++ b/lib/mkHost.nix @@ -15,8 +15,14 @@ let hostHWConfig = ../hosts/${name}/hardware-configuration.nix; hasHWConfig = builtins.pathExists hostHWConfig; + # Load NixOS-level user config (account, groups, SSH keys) + userNixosConfigs = map (user: ../users/${user}/nixos.nix) ( + builtins.filter (user: builtins.pathExists ../users/${user}/nixos.nix) users + ); + + # Load home-manager user config userHMConfigs = nixpkgs.lib.genAttrs users ( - user: import ../users/${user}/home-manager.nix { inherit inputs; } + user: import ../users/${user}/home-manager.nix ); in @@ -31,11 +37,13 @@ nixpkgs.lib.nixosSystem { hostConfig ] ++ nixpkgs.lib.optional hasHWConfig hostHWConfig + ++ userNixosConfigs ++ [ inputs.home-manager.nixosModules.home-manager { home-manager.useGlobalPkgs = true; home-manager.useUserPackages = true; + home-manager.backupFileExtension = "backup"; home-manager.users = userHMConfigs; home-manager.extraSpecialArgs = { inherit inputs; }; } diff --git a/users/matej/keys.nix b/users/matej/keys.nix new file mode 100644 index 0000000..4abff00 --- /dev/null +++ b/users/matej/keys.nix @@ -0,0 +1,6 @@ +{ + sshAuthorizedKeys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICQGLdINKzs+sEy62Pefng0bcedgU396+OryFgeH99/c janezicmatej" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDk00+Km03epQXQs+xEwwH3zcurACzkEH+kDOPBw6RQe openpgp:0xB095D449" + ]; +} diff --git a/users/matej/nixos.nix b/users/matej/nixos.nix new file mode 100644 index 0000000..9b2a2c0 --- /dev/null +++ b/users/matej/nixos.nix @@ -0,0 +1,27 @@ +{ + lib, + config, + pkgs, + ... +}: +let + keys = import ./keys.nix; +in +{ + users.users.matej = { + uid = 1000; + isNormalUser = true; + home = "/home/matej"; + shell = pkgs.zsh; + extraGroups = [ + "wheel" + "docker" + ]; + openssh.authorizedKeys.keys = keys.sshAuthorizedKeys; + }; + + users.groups.matej = { + gid = 1000; + members = [ "matej" ]; + }; +}