christoph/flake-nixinator
1
Fork 0
Code Activity

System: Disable mutable users + set explicit uid/gid

Browse Source
This commit is contained in:
Christoph Urlacher
2025-07-16 16:24:23 +02:00
parent 79083ff6f2
commit d00b55b1ac
1 changed files with 5 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
system/default.nix
View File

@ -216,10 +216,13 @@ with mylib.networking; {
console.keyMap = "us-acentos"; console.keyMap = "us-acentos";
# Define a user account. Password is set from sops-nix secrets automatically. # Define a user account. Password is set from sops-nix secrets automatically.
users.mutableUsers = false; # Users are always overridden by stuff defined here
users.users.${username} = { users.users.${username} = {
isNormalUser = true; isNormalUser = true;
hashedPasswordFile = config.sops.secrets.user-password.path; hashedPasswordFile = config.sops.secrets.user-password.path;
description = "Christoph"; description = "Christoph";
group = "users";
uid = 1000;
extraGroups = [ extraGroups = [
"networkmanager" "networkmanager"
"wheel" "wheel"
@ -241,6 +244,8 @@ with mylib.networking; {
# packages = with pkgs; []; # packages = with pkgs; [];
}; };
users.groups."users".gid = 100;
# We want these packages to be available even when no user profile is active # We want these packages to be available even when no user profile is active
# Empty since we basically only need git + editor which is enabled below # Empty since we basically only need git + editor which is enabled below
environment.systemPackages = with pkgs; [ environment.systemPackages = with pkgs; [