2023-09-25 18:29:29 +02:00
|
|
|
{ config, ... }:
|
|
|
|
|
|
|
|
{
|
|
|
|
age.secrets = {
|
|
|
|
root-password.file = ../../secrets/root-password.age;
|
|
|
|
moritz-password.file = ../../secrets/moritz-password.age;
|
|
|
|
};
|
|
|
|
users.users = {
|
|
|
|
root.hashedPasswordFile = config.age.secrets.root-password.path;
|
|
|
|
moritz.hashedPasswordFile = config.age.secrets.moritz-password.path;
|
|
|
|
};
|
|
|
|
users.mutableUsers = false;
|
|
|
|
environment.persistence."/persist" = {
|
|
|
|
hideMounts = true;
|
|
|
|
directories = [
|
|
|
|
"/etc/NetworkManager/system-connections"
|
|
|
|
"/var/db/dhcpcd/"
|
|
|
|
"/var/lib/NetworkManager/"
|
|
|
|
"/var/lib/bluetooth"
|
|
|
|
"/var/lib/nixos"
|
|
|
|
"/var/lib/systemd/coredump"
|
|
|
|
"/var/log"
|
|
|
|
];
|
|
|
|
files = [
|
|
|
|
"/etc/machine-id"
|
|
|
|
"/etc/nix/id_rsa"
|
|
|
|
"/etc/ssh/ssh_host_ed25519_key"
|
|
|
|
"/etc/ssh/ssh_host_ed25519_key.pub"
|
|
|
|
"/etc/ssh/ssh_host_rsa_key"
|
|
|
|
"/etc/ssh/ssh_host_rsa_key.pub"
|
|
|
|
];
|
|
|
|
users.moritz = {
|
|
|
|
directories = [
|
|
|
|
".SynologyDrive/data"
|
|
|
|
".SynologyDrive/log"
|
|
|
|
".cache/keepassxc"
|
|
|
|
".cache/nvim/luac"
|
|
|
|
".config/Nextcloud"
|
|
|
|
".config/keepassxc"
|
|
|
|
".local/share/direnv"
|
2023-09-30 12:02:27 +02:00
|
|
|
".local/share/nvim"
|
2023-09-25 18:29:29 +02:00
|
|
|
".local/share/zoxide"
|
|
|
|
".local/state/nvim"
|
2023-10-10 11:53:47 +02:00
|
|
|
".config/kdeconnect"
|
2023-10-12 09:55:12 +02:00
|
|
|
".cat_installer" # eduroam
|
2023-09-25 18:29:29 +02:00
|
|
|
".mozilla"
|
|
|
|
"Documents"
|
|
|
|
"Downloads"
|
|
|
|
"Music"
|
|
|
|
"Pictures"
|
|
|
|
"Videos"
|
|
|
|
{ directory = ".gnupg"; mode = "0700"; }
|
|
|
|
{ directory = ".local/share/keyrings"; mode = "0700"; }
|
|
|
|
{ directory = ".ssh"; mode = "0700"; }
|
|
|
|
];
|
|
|
|
files = [
|
|
|
|
".local/share/fish/fish_history"
|
|
|
|
".local/share/nix/trusted-settings.json"
|
|
|
|
".parallel/will-cite"
|
|
|
|
];
|
|
|
|
};
|
|
|
|
users.root = {
|
|
|
|
home = "/root";
|
|
|
|
directories = [
|
|
|
|
{ directory = ".gnupg"; mode = "0700"; }
|
|
|
|
{ directory = ".ssh"; mode = "0700"; }
|
|
|
|
];
|
|
|
|
files = [
|
|
|
|
".local/share/nix/trusted-settings.json"
|
|
|
|
];
|
|
|
|
};
|
|
|
|
};
|
|
|
|
}
|