main
1{
2 pkgs,
3 lib,
4 config,
5 desktop,
6 hostname,
7 outputs,
8 stateVersion,
9 inputs,
10 globals,
11 libx,
12 ...
13}:
14let
15 ifExists = groups: builtins.filter (group: builtins.hasAttr group config.users.groups) groups;
16in
17{
18 users.users.vincent = {
19 description = "Vincent Demeester";
20 createHome = true;
21 uid = 1000;
22 isNormalUser = true;
23 shell = pkgs.zsh;
24 extraGroups = [
25 "users"
26 "wheel"
27 ]
28 ++ lib.optionals (builtins.isString desktop) [
29 "networkmanager"
30 "audio"
31 "video"
32 ]
33 ++ ifExists [
34 "buildkit"
35 "docker"
36 "libvirt"
37 "libvirtd"
38 "nginx"
39 "plugdev"
40 "tss"
41 "messagebus"
42 "lp"
43 "scanner"
44 ];
45 subUidRanges = [
46 {
47 startUid = 100000;
48 count = 65536;
49 }
50 ];
51 subGidRanges = [
52 {
53 startGid = 100000;
54 count = 65536;
55 }
56 ];
57 initialPassword = "changeMe";
58
59 # FIXME set this up better
60 openssh.authorizedKeys.keys = globals.ssh.vincent;
61
62 # 🤔
63 packages = [ pkgs.home-manager ];
64 };
65
66 nix.settings.trusted-users = [ "vincent" ];
67
68 security = {
69 pam = {
70 # Nix will hit the stack limit when using `nixFlakes`.
71 loginLimits = [
72 {
73 domain = config.users.users.vincent.name;
74 item = "stack";
75 type = "-";
76 value = "unlimited";
77 }
78 ];
79 };
80 };
81
82 # Enable user units to persist after sessions end.
83 users.users.vincent.linger = true;
84
85 # Do I user home-manager nixosModule *or* home-manager on its own
86 home-manager.users.vincent = import ../../../home/default.nix {
87 inherit
88 config
89 pkgs
90 lib
91 hostname
92 desktop
93 globals
94 outputs
95 inputs
96 stateVersion
97 libx
98 ;
99 username = "vincent";
100 };
101 # This is a workaround for not seemingly being able to set $EDITOR in home-manager
102 environment.sessionVariables = {
103 EDITOR = "emacs";
104 };
105}