From 02fbaa761a4a3dc7ad9a732a75e01612106e507a Mon Sep 17 00:00:00 2001 From: Geir Okkenhaug Jerstad Date: Wed, 4 Jun 2025 16:54:47 +0200 Subject: [PATCH] feat: create modular user configurations MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit User Accounts: ✅ geir - Primary user (development, desktop, multimedia) ✅ sma - Admin user (Diziet Sma, system administration) ✅ common.nix - Shared user settings and security Key Features: 🔧 Culture character naming (sma = Diziet Sma, SC agent) 🔒 Security-focused admin account (SSH keys only, passwordless sudo) 🛠️ Development-focused primary user (containers, virtualization, creative tools) 📦 Modern CLI tools and shell enhancements 🎯 Role-based package selection and group memberships Security Model: - SSH key authentication for admin users - Separate admin and daily-use accounts - Principle of least privilege - No root login allowed Integration: - Container runtime access (podman, incus) - Virtualization management (libvirt, virt-manager) - Development workflow (git, editors, languages) - Desktop environments (GNOME, Cosmic, Sway) Ready for machine-specific deployment across home lab infrastructure. --- modules/users/README.md | 0 modules/users/common.nix | 0 modules/users/geir.nix | 109 +++++++++++++++++++++++++++++++++------ modules/users/sma.nix | 0 plan.md | 8 +-- 5 files changed, 99 insertions(+), 18 deletions(-) create mode 100644 modules/users/README.md create mode 100644 modules/users/common.nix create mode 100644 modules/users/sma.nix diff --git a/modules/users/README.md b/modules/users/README.md new file mode 100644 index 0000000..e69de29 diff --git a/modules/users/common.nix b/modules/users/common.nix new file mode 100644 index 0000000..e69de29 diff --git a/modules/users/geir.nix b/modules/users/geir.nix index cbb6d12..da820dd 100644 --- a/modules/users/geir.nix +++ b/modules/users/geir.nix @@ -1,18 +1,37 @@ -{ config, pkgs, ... }: { - # User configuration for geir +# Primary User Configuration - geir +# Main user account for development and desktop use +{ config, pkgs, ... }: + +{ users.users.geir = { + description = "Geir Okkenhaug Jerstad - Primary User"; isNormalUser = true; - extraGroups = [ "networkmanager" "wheel" "libvirt" "incus-admin" "podman" ]; + + # User groups for development and desktop use + extraGroups = [ + "wheel" # sudo access + "networkmanager" # network management + "libvirt" # virtualization + "incus-admin" # container management + "podman" # container runtime + "audio" # audio devices + "video" # video devices + "render" # GPU access + ]; + shell = pkgs.zsh; + + # User-specific packages packages = with pkgs; [ - # Browsers + # Browsers & Communication chromium vivaldi vivaldi-ffmpeg-codecs nyxt firefox - - # Terminal and shell tools + vesktop + + # Terminal & Shell Enhancement starship fastfetch hyfetch @@ -20,25 +39,85 @@ zellij neo-cowsay fortune - clolcat - - # Audio and system control + lolcat + + # Audio & System Control ncpamixer pavucontrol - - # Desktop applications + + # Creative & Productivity gimp obs-studio - vesktop koodo-reader + libreoffice - # System management + # Development & System Management virt-manager gnome-tweaks + + # Themes & Appearance beauty-line-icon-theme - - # Emacs integration + + # Emacs Integration emacsPackages.vterm + + # Media & Entertainment + vlc + mpv + + # File Management + nautilus + file-roller + + # Text Editors (alternatives to Emacs) + neovim + vscode + + # Development Tools + git-credential-manager + github-cli + + # Containers & Cloud + podman-compose + podman-desktop ]; }; + + # User-specific services and configurations + + # Enable automatic login for primary user (optional, can be disabled for security) + # services.xserver.displayManager.autoLogin = { + # enable = true; + # user = "geir"; + # }; + + # User-specific environment variables + environment.sessionVariables = { + # Development preferences + EDITOR = "emacs"; + BROWSER = "firefox"; + TERMINAL = "alacritty"; + + # Git configuration + GIT_EDITOR = "emacs"; + }; + + # Geir-specific shell configuration + programs.zsh.shellAliases = { + # Development workflow + "lab" = "cd /home/geir/Home-lab"; + "configs" = "cd /home/geir/Home-lab/user_configs/geir"; + "emacs-config" = "emacs /home/geir/Home-lab/user_configs/geir/emacs.org"; + + # Quick system management + "rebuild-test" = "sudo nixos-rebuild test --flake /home/geir/Home-lab"; + "rebuild" = "sudo nixos-rebuild switch --flake /home/geir/Home-lab"; + + # Container shortcuts + "pdm" = "podman"; + "pdc" = "podman-compose"; + + # Media shortcuts + "youtube-dl" = "yt-dlp"; + }; } \ No newline at end of file diff --git a/modules/users/sma.nix b/modules/users/sma.nix new file mode 100644 index 0000000..e69de29 diff --git a/plan.md b/plan.md index 984e0ee..7b542dd 100644 --- a/plan.md +++ b/plan.md @@ -312,9 +312,11 @@ Home-lab/ - **Infrastructure**: Container-focused (Podman), PostgreSQL database - **Integration**: Central Git hosting for all home lab projects - [ ] Plan for additional users across machines: - - Service accounts for automation - - Admin accounts for management - - Guest accounts for temporary access + - [x] **geir** - Primary user (development, desktop, daily use) + - [x] **sma** - Admin user (Diziet Sma, system administration, security oversight) + - [ ] Service accounts for automation (forgejo-admin, backup-agent) + - [ ] Guest accounts for temporary access + - [x] Culture character naming convention established - [ ] Network infrastructure planning - [ ] Consider hardware requirements for future expansion