fix(system): clean / comment out TODO
This commit is contained in:
parent
ffdf37abb5
commit
0ce1c94748
|
@ -11,7 +11,6 @@
|
|||
};
|
||||
# KDE X
|
||||
displayManager.sddm.enable = true;
|
||||
displayManager.plasma5.enable = true;
|
||||
};
|
||||
}
|
||||
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
{ pkgs, inputs, config, lib, configVars, configLib, ... }:
|
||||
{ pkgs, inputs, config, lib, configVars, configLib, self, ... }:
|
||||
let
|
||||
ifTheyExist = groups: builtins.filter (group: builtins.hasAttr group config.users.groups) groups;
|
||||
# sopsHashedPasswordFile = lib.optionalString (lib.hasAttr "sops-nix" inputs) config.sops.secrets."${configVars.username}/password".path;
|
||||
pubKeys = lib.filesystem.listFilesRecursive (./keys);
|
||||
# pubKeys = lib.filesystem.listFilesRecursive (./keys);
|
||||
|
||||
# these are values we don't want to set if the environment is minimal. E.g. ISO or nixos-installer
|
||||
# isMinimal is true in the nixos-installer/flake.nix
|
||||
|
@ -14,7 +14,7 @@ let
|
|||
};
|
||||
|
||||
# Import this user's personal/home configurations
|
||||
home-manager.users.${configVars.username} = import ("${self}/home/${configVars.username}/${config.networking.hostName}.nix");
|
||||
home-manager.users.${configVars.username} = import ( configLib.relativeToRoot "home/${configVars.username}/${config.networking.hostName}.nix");
|
||||
};
|
||||
in
|
||||
{
|
||||
|
@ -24,7 +24,7 @@ in
|
|||
users.mutableUsers = false; # Only allow declarative credentials; Required for sops
|
||||
users.users.${configVars.username} = {
|
||||
isNormalUser = true;
|
||||
password = "nixos"; # Overridden if sops is working
|
||||
# password = "nixos"; # Overridden if sops is working
|
||||
|
||||
extraGroups = [
|
||||
"wheel"
|
||||
|
@ -37,18 +37,18 @@ in
|
|||
];
|
||||
|
||||
# These get placed into /etc/ssh/authorized_keys.d/<name> on nixos
|
||||
openssh.authorizedKeys.keys = lib.lists.forEach pubKeys (key: builtins.readFile key);
|
||||
# openssh.authorizedKeys.keys = lib.lists.forEach pubKeys (key: builtins.readFile key);
|
||||
|
||||
shell = pkgs.zsh; # default shell
|
||||
};
|
||||
|
||||
# Proper root use required for borg and some other specific operations
|
||||
users.users.root = {
|
||||
hashedPasswordFile = config.users.users.${configVars.username}.hashedPasswordFile;
|
||||
password = lib.mkForce config.users.users.${configVars.username}.password;
|
||||
# root's ssh keys are mainly used for remote deployment.
|
||||
openssh.authorizedKeys.keys = config.users.users.${configVars.username}.openssh.authorizedKeys.keys;
|
||||
};
|
||||
# users.users.root = {
|
||||
# hashedPasswordFile = config.users.users.${configVars.username}.hashedPasswordFile;
|
||||
# password = lib.mkForce config.users.users.${configVars.username}.password;
|
||||
# # root's ssh keys are mainly used for remote deployment.
|
||||
# openssh.authorizedKeys.keys = config.users.users.${configVars.username}.openssh.authorizedKeys.keys;
|
||||
#};
|
||||
|
||||
# No matter what environment we are in we want these tools for root, and the user(s)
|
||||
programs.zsh.enable = true;
|
||||
|
|
|
@ -54,8 +54,8 @@
|
|||
|
||||
# set custom autologin options. see greetd.nix for details
|
||||
# TODO is there a better spot for this?
|
||||
autoLogin.enable = true;
|
||||
autoLogin.username = "laozi";
|
||||
#autoLogin.enable = true;
|
||||
#autoLogin.username = "laozi";
|
||||
|
||||
# services.gnome.gnome-keyring.enable = true;
|
||||
# TODO enable and move to greetd area? may need authentication dir or something?
|
||||
|
|
Loading…
Reference in New Issue