32 lines
798 B
Nix
32 lines
798 B
Nix
{
|
|
lib,
|
|
config,
|
|
pkgs,
|
|
name,
|
|
publicKeys ? [ ],
|
|
defaultShell ? "zsh",
|
|
}:
|
|
|
|
{
|
|
inherit name;
|
|
isNormalUser = true;
|
|
shell = lib.mkIf config.programs.${defaultShell}.enable pkgs.${defaultShell};
|
|
hashedPasswordFile = config.sops.secrets."${name}/user-password".path or null;
|
|
openssh.authorizedKeys.keys = publicKeys;
|
|
extraGroups = [
|
|
"users"
|
|
"wheel"
|
|
"media"
|
|
(lib.mkIf config.networking.networkmanager.enable "networkmanager")
|
|
(lib.mkIf config.programs.adb.enable "adbusers")
|
|
(lib.mkIf config.programs.wireshark.enable "wireshark")
|
|
(lib.mkIf config.virtualisation.docker.enable "docker")
|
|
(lib.mkIf (with config.services.locate; (enable && package == pkgs.plocate)) "plocate")
|
|
"libvirtd"
|
|
"dialout"
|
|
"plugdev"
|
|
"uaccess"
|
|
"ydotool"
|
|
];
|
|
}
|