Reset from zero

2023-12-11 18:18:41 -05:00 · 2023-12-11 18:18:41 -05:00 · 7520235965
commit 7520235965
46 changed files with 1783 additions and 0 deletions
--- a/nixos/users/noe.nix
+++ b/nixos/users/noe.nix
@ -0,0 +1,28 @@
+{ config, pkgs, ... }: {
+  users.users.noe = {
+    hashedPasswordFile = config.sops.secrets."users/noe/password".path;
+    isNormalUser = true;
+    extraGroups = [ "wheel" ];
+    shell = pkgs.fish;
+    openssh.authorizedKeys.keys = [
+      ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHrjnDY3hlN3cOCMBpcoh4GWdnG5nc9ZeOXJ7MtJVL3I'' 
+      ''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBs6/s+973H28jOrvN0zr1eayT+thrs61l1qV7uFhw8I'' 
+    ];
+  };
+
+  environment.systemPackages = [ pkgs.nixos-rebuild ];
+  security.sudo.extraRules = [
+    {
+      users = [ "noe" ];
+      commands = [
+        { command = "${pkgs.nixos-rebuild}/bin/nixos-rebuild"; options = [ "NOPASSWD" "SETENV" ]; }
+        { command = "/run/current-system/sw/bin/nixos-rebuild"; options = [ "NOPASSWD" "SETENV" ]; }
+        { command = "${pkgs.systemd}/bin/systemctl"; options = [ "NOPASSWD" "SETENV" ]; }
+        { command = "/run/current-system/sw/bin/shutdown"; options = [ "NOPASSWD" "SETENV" ]; }
+        { command = "/run/current-system/sw/bin/reboot"; options = [ "NOPASSWD" "SETENV" ]; }
+      ];
+    }
+  ];
+
+  sops.secrets."users/noe/password".neededForUsers = true;
+}