  1{
  2  pkgs,
  3  lib,
  4  config,
  5  desktop,
  6  hostname,
  7  outputs,
  8  stateVersion,
  9  inputs,
 10  globals,
 11  libx,
 12  ...
 13}:
 14let
 15  ifExists = groups: builtins.filter (group: builtins.hasAttr group config.users.groups) groups;
 16in
 17{
 18  users.users.vincent = {
 19    description = "Vincent Demeester";
 20    createHome = true;
 21    uid = 1000;
 22    isNormalUser = true;
 23    shell = pkgs.zsh;
 24    extraGroups = [
 25      "users"
 26      "wheel"
 27    ]
 28    ++ lib.optionals (builtins.isString desktop) [
 29      "networkmanager"
 30      "audio"
 31      "video"
 32    ]
 33    ++ ifExists [
 34      "buildkit"
 35      "docker"
 36      "libvirt"
 37      "libvirtd"
 38      "nginx"
 39      "plugdev"
 40      "tss"
 41      "messagebus"
 42      "lp"
 43      "scanner"
 44    ];
 45    subUidRanges = [
 46      {
 47        startUid = 100000;
 48        count = 65536;
 49      }
 50    ];
 51    subGidRanges = [
 52      {
 53        startGid = 100000;
 54        count = 65536;
 55      }
 56    ];
 57    initialPassword = "changeMe";
 58
 59    # FIXME set this up better
 60    openssh.authorizedKeys.keys = globals.ssh.vincent;
 61
 62    # 🤔
 63    packages = [ pkgs.home-manager ];
 64  };
 65
 66  nix.settings.trusted-users = [ "vincent" ];
 67
 68  security = {
 69    pam = {
 70      # Nix will hit the stack limit when using `nixFlakes`.
 71      loginLimits = [
 72        {
 73          domain = config.users.users.vincent.name;
 74          item = "stack";
 75          type = "-";
 76          value = "unlimited";
 77        }
 78      ];
 79    };
 80  };
 81
 82  # Enable user units to persist after sessions end.
 83  # system.activationScripts.loginctl-enable-linger-vincent = lib.stringAfter [ "users" ] ''
 84  #   ${pkgs.systemd}/bin/loginctl enable-linger ${config.users.users.vincent.name}
 85  # '';
 86
 87  # Do I user home-manager nixosModule *or* home-manager on its own
 88  home-manager.users.vincent = import ../../../home/default.nix {
 89    inherit
 90      config
 91      pkgs
 92      lib
 93      hostname
 94      desktop
 95      globals
 96      outputs
 97      inputs
 98      stateVersion
 99      libx
100      ;
101    username = "vincent";
102  };
103  # This is a workaround for not seemingly being able to set $EDITOR in home-manager
104  environment.sessionVariables = {
105    EDITOR = "emacs";
106  };
107}