nixos-config/nixos/components/mainUser.nix
{ config, pkgs, lib, ... }:
with lib;
with types;
let
# Shorthand for the values set under options.components.mainUser.
cfg = config.components.mainUser;

# Supplementary groups that are added only when the matching virtualisation
# service is enabled on this host. lib.optional returns [ x ] when the
# condition is true and [ ] otherwise.
# NOTE(review): membership in "docker" lets the user drive the rootful Docker
# daemon, which is effectively root on the host. Enabling Docker therefore
# also widens the main user's privileges, without any setting in this module
# saying so.
dockerGroup = lib.optional config.virtualisation.docker.enable "docker";
vboxGroup = lib.optional config.virtualisation.virtualbox.host.enable "vboxusers";
in
{
# Options of the mainUser component: one interactive account whose name, uid,
# extra groups and SSH key files can be set per host.
options.components.mainUser = {
  # NOTE(review): mkEnableOption prepends "Whether to enable", so the rendered
  # description reads "Whether to enable enable mainUser for a system."
  enable = lib.mkEnableOption "enable mainUser for a system";

  # Login name. The config section of this module also uses it as the name of
  # the primary group, in the home directory path and as the initial password.
  userName = lib.mkOption {
    description = ''
      name of the main user
    '';
    type = lib.types.str;
    default = "palo";
  };

  uid = lib.mkOption {
    description = ''
      uid of main user
    '';
    type = lib.types.int;
    default = 1337;
  };

  # Appended to the fixed group list in the config section, which already
  # contains "wheel".
  extraGroups = lib.mkOption {
    description = ''
      list of groups the main user should also be in
    '';
    type = lib.types.listOf lib.types.str;
    default = [ ];
  };

  # NOTE(review): the values are handed to openssh.authorizedKeys.keyFiles, so
  # each entry is a file containing public keys rather than a key itself.
  # Anyone who can change those files can log in as this user.
  authorizedKeyFiles = lib.mkOption {
    description = ''
      list of keys allowed to login as this user
    '';
    type = lib.types.listOf lib.types.str;
    default = [ ];
  };
};
# Applied only when components.mainUser.enable is set: creates the account and
# its primary group, and writes a small JSON summary into the user's home.
config = lib.mkIf cfg.enable {
  users = {
    # Accounts stay editable at runtime (passwd, useradd), so the initial
    # password below is only a starting value, not an enforced one.
    mutableUsers = true;
    defaultUserShell = pkgs.zsh;

    # Primary group named after the user.
    groups.mainUser.name = cfg.userName;

    users.mainUser = {
      isNormalUser = true;
      name = cfg.userName;
      uid = cfg.uid;
      home = "/home/${cfg.userName}";
      group = config.users.groups.mainUser.name;

      # NOTE(review): the initial password equals the user name, so it is
      # guessable by anyone who knows the login, and NixOS stores
      # initialPassword values in the world-readable Nix store. The account
      # is in "wheel" (and "docker" when Docker is enabled), so this is an
      # administrative login. Change the password right after the first
      # boot, prefer a hashed password or a password file kept outside the
      # store, and keep SSH password authentication off on reachable hosts.
      initialPassword = cfg.userName;

      # Fixed groups first, then the conditional virtualisation groups, then
      # whatever the host adds through cfg.extraGroups.
      # NOTE(review): "wheel" is the group NixOS's default sudo rules apply
      # to, and "wireshark" is meant for packet capture without root;
      # confirm every host using this component really needs both.
      extraGroups = [
        "wheel"
        "networkmanager"
        "transmission"
        "wireshark"
        "audio"
        "pipewire"
        "input"
      ]
      ++ dockerGroup
      ++ vboxGroup
      ++ cfg.extraGroups;

      openssh.authorizedKeys.keyFiles = cfg.authorizedKeyFiles;
    };
  };

  # ~/.mainUser: JSON with the main user's name plus attribute-name -> login
  # name maps for all normal and all system users declared in
  # config.users.users.
  home-manager.users.mainUser.home.file.".mainUser" = {
    enable = true;
    text =
      let
        # Login names of every declared user accepted by the predicate.
        namesWhere = keep:
          lib.mapAttrs (_: user: user.name)
            (lib.filterAttrs (_: keep) config.users.users);
      in
      builtins.toJSON {
        mainUser = config.users.users.mainUser.name;
        normalUser = namesWhere (user: user.isNormalUser);
        systemUser = namesWhere (user: user.isSystemUser);
      };
  };
};
}