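# Main-user module: declares the `pub-solar.user.*` options and creates one
# normal (interactive) account from them under `users.users.<name>`.
{ config, pkgs, lib, ... }:
let
  psCfg = config.pub-solar;
in
with lib;
{
  imports = [ ./home.nix ];

  options.pub-solar = {
    user = {
      name = mkOption {
        description = "User login name";
        type = types.nullOr types.str;
        default = "nixos";
      };

      description = mkOption {
        description = "User description";
        type = types.nullOr types.str;
        default = "The main PubSolarOS user";
      };

      # The value is handed verbatim to `initialHashedPassword` below, so it
      # must already be a password hash; a plaintext string would be treated
      # as a hash and would not work as the login password.
      password = mkOption {
        description = "Hashed user password (e.g. generated with mkpasswd), used as the account's initialHashedPassword. If null, an empty password hash is set.";
        type = types.nullOr types.str;
        default = null;
      };

      publicKeys = mkOption {
        description = "User SSH public keys";
        type = types.listOf types.str;
        default = [];
      };

      fullName = mkOption {
        description = "User full name";
        type = types.nullOr types.str;
        default = null;
      };

      email = mkOption {
        description = "User email address";
        type = types.nullOr types.str;
        default = null;
      };

      gpgKeyId = mkOption {
        description = "GPG Key ID";
        type = types.nullOr types.str;
        default = null;
      };
    };
  };

  config = {
    users = {
      # Accounts are managed declaratively from this configuration only.
      mutableUsers = false;

      # Builds `{ <user name> = { ... }; }` from the configured login name.
      users = lib.setAttrByPath [ psCfg.user.name ] {
        # Indicates whether this is an account for a “real” user.
        # This automatically sets group to users, createHome to true,
        # home to /home/username, useDefaultShell to true, and isSystemUser to false.
        isNormalUser = true;
        description = psCfg.user.description;

        # "wheel" makes this an administrative account; keep that in mind when
        # reading the password handling below.
        extraGroups = [
          "input"
          "lp"
          "networkmanager"
          "scanner"
          "video"
          "dialout"
          "wheel"
        ];
        shell = pkgs.bash;

        # NOTE(review): when no hash is configured (the default), the empty
        # string is used. NixOS documents an empty hashed password as
        # "log in without being asked for a password" (local logins), and this
        # account is in "wheel". Kept as-is because existing configurations may
        # depend on it; hosts that are not throwaway/test systems should set
        # `pub-solar.user.password` to a real hash. Switching the fallback to
        # `null` would disable password login instead, and should be checked
        # against existing deployments first.
        initialHashedPassword =
          if psCfg.user.password != null
          then psCfg.user.password
          else "";

        # `publicKeys` is a `listOf str` and can never be null, so it is passed
        # through directly.
        openssh.authorizedKeys.keys = psCfg.user.publicKeys;
      };
    };
  };
}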