TODO: finish setting up core user settings

2026-02-26 14:12:35 -05:00 · 2025-06-07 09:03:05 -04:00 · 2025-06-07 09:03:05 -04:00 · 27af396b1f
commit 27af396b1f
parent 60b08d8dc4
3 changed files with 111 additions and 0 deletions
--- a/home/crow/common/core/default.nix
+++ b/home/crow/common/core/default.nix
@ -0,0 +1,37 @@
 {
  config,
  lib,
  pkgs,
  hostSpec,
  ...
 }: let
  platform =
    if hostSpec.isDarwin
    then "darwin"
    else "nixos";
 in {
  imports = lib.flatten [
    (map lib.custom.relativeToRoot [
      "modules/common/host-spec.nix"
      "modules/home"
    ])
    ./${platform.nix}
    ./xdg.nix
  ];
  inherit hostSpec;
  home = {
    username = lib.mkDefault config.hostSpec.username;
    homeDirectory = lib.mkDefault config.hostSpec.home;
    stateVersion = lib.mkDefault "24.05";
    sessionVariables = {
      SHELL = "zsh";
      TERM = "foot";
      TERMINAL = "foot";
      VISUAL = "nvim";
      EDITOR = "nvim";
    };
  };
 }
--- a/home/crow/common/core/xdg.nix
+++ b/home/crow/common/core/xdg.nix
@ -0,0 +1,28 @@
 {
  config,
  lib,
  hostSpec,
  ...
 }: {
  home = {
    preferXdgDirectories = true;
    xdg = {
      enable = true;
      userDirs = {
        enable = true;
        createDirectories = true;
        desktop = "${config.home.homeDirectory}/.desktop";
        documents = "${config.home.homeDirectory}/Documents";
        download = "${config.home.homeDirectory}/Downloads";
        music = "${config.home.homeDirectory}/media/audio";
        pictures = "${config.home.homeDirectory}/media/images";
        videos = "${config.home.homeDirectory}/media/video";
      };
      extraConfig = {
        XDG_PUBLICSHARE_DIR = "/var/empty";
        XDG_TEMPLATES_DIR = "/var/empty";
      };
    };
  };
 }
--- a/hosts/common/users/primary/nixos.nix
+++ b/hosts/common/users/primary/nixos.nix
@ -0,0 +1,46 @@
 # User config applicable only to nixos
 {
  inputs,
  config,
  lib,
  pkgs,
  ...
 }: let
  hostSpec = config.hostSpec;
  ifTheyExist = groups: builtins.filter (group: builtins.hasAttr group config.users.groups) groups;
  # Decrypt password to /run/secrets-for-users/ so it can be used to create the user
  sopsHashedPasswordFile = lib.optionalString (!config.hostSpec.isMinimal) config.sops.secrets."passwords/${hostSpec.username}".path;
 in {
  users.mutableUsers = false; # Only allow declarative credentials; Required for password to be set via sops during system activation!
  users.users.${hostSpec.username} = {
    home = "/home/${hostSpec.username}";
    isNormalUser = true;
    hashedPasswordFile = sopsHashedPasswordFile; # Blank if sops is not working.
    extraGroups = lib.flatten [
      "wheel"
      (ifTheyExist [
        "audio"
        "video"
        "docker"
        "podman"
        "dialout"
        "git"
        "networkmanager"
        "scanner" # for print/scan"
        "lp" # for print/scan"
      ])
    ];
  };
  # No matter what environment we are in we want these tools for root, and the user(s)
  programs.git.enable = true;
  users.users.root = {
    shell = pkgs.zsh;
    hashedPasswordFile = config.users.users.${hostSpec.username}.hashedPasswordFile;
    hashedPassword = config.users.users.${hostSpec.username}.hashedPassword; # This comes from hosts/common/optional/minimal.nix and gets overridden if sops is working
    openssh.authorizedKeys.keys = config.users.users.${hostSpec.username}.openssh.authorizedKeys.keys; # root's ssh keys are mainly used for remote deployment.
  };
 }