nix-infra/config/common/users.nix

# Common users.
# Sources for this configuration:
# - a generated NixOS 23.05 configuration
# - https://nixos.org/manual/nixos/stable/#sec-user-management

{ config, pkgs, lib, ... }:

let
  authorizedKeysRepo = builtins.fetchGit {
    url = "ssh://git@gitlab.hamburg.ccc.de:4242/ccchh/infrastructure-authorized-keys.git";
    ref = "trunk";
    rev = "1b625d752fe5f19fd110871b9e3dfc6c93d3495a";
  };
in
  {
    users.mutableUsers = false;

    users.users.chaos = {
      isNormalUser = true;
      description = "Chaos";
      extraGroups = [ "wheel" ];
      openssh.authorizedKeys.keys = builtins.filter (item: item != "") (lib.strings.splitString "\n" (builtins.readFile "${authorizedKeysRepo}/authorized_keys"));
    };

    # Since our user doesn't have a password, allow passwordless sudo for wheel.
    security.sudo.wheelNeedsPassword = false;
  }
Initial commit. Add configuration for NixOS Proxmox image 2023-09-11 23:20:34 +02:00			`# Common users.`
			`# Sources for this configuration:`
			`# - a generated NixOS 23.05 configuration`
			`# - https://nixos.org/manual/nixos/stable/#sec-user-management`

			`{ config, pkgs, lib, ... }:`

			`let`
			`authorizedKeysRepo = builtins.fetchGit {`
			`url = "ssh://git@gitlab.hamburg.ccc.de:4242/ccchh/infrastructure-authorized-keys.git";`
			`ref = "trunk";`
			`rev = "1b625d752fe5f19fd110871b9e3dfc6c93d3495a";`
			`};`
			`in`
			`{`
			`users.mutableUsers = false;`

			`users.users.chaos = {`
			`isNormalUser = true;`
			`description = "Chaos";`
			`extraGroups = [ "wheel" ];`
			`openssh.authorizedKeys.keys = builtins.filter (item: item != "") (lib.strings.splitString "\n" (builtins.readFile "${authorizedKeysRepo}/authorized_keys"));`
			`};`

			`# Since our user doesn't have a password, allow passwordless sudo for wheel.`
			`security.sudo.wheelNeedsPassword = false;`
			`}`