more separation

This commit is contained in:
2026-04-23 16:03:32 -05:00
parent 779310fb2c
commit 250c949bd6
10 changed files with 105 additions and 41 deletions

View File

@@ -9,13 +9,16 @@
config = {
sops.secrets."nathan/pass".neededForUsers = true;
sops.secrets."nathan/pass" = {
neededForUsers = true;
sopsFile = ./secrets.yaml;
};
users.users.nathan = {
shell = pkgs.zsh;
name = lib.mkDefault "nathan";
isNormalUser = lib.mkDefault true;
#hashedPasswordFile = lib.mkIf (cfg.hashedPasswordFile != null) cfg.hashedPasswordFile;
hashedPasswordFile = lib.mkDefault config.sops.secrets."nathan/pass".path;
extraGroups = [ "networkmanager" "docker" "libvirtd" "wheel" ];
openssh.authorizedKeys.keys = lib.mkMerge [
(useWith (homebox ++ iso) [