diff --git a/nixos/desktop/default.nix b/nixos/desktop/default.nix index a525c4b..6ccf2db 100644 --- a/nixos/desktop/default.nix +++ b/nixos/desktop/default.nix @@ -168,21 +168,6 @@ dockerCompat = true; }; - sops.secrets."lillian-password".neededForUsers = true; - - users.users.lillian = { - isNormalUser = true; - extraGroups = ["sudo" "networkmanager" "wheel" "vboxsf" "docker"]; - shell = pkgs.zsh; - hashedPasswordFile = config.sops.secrets."lillian-password".path; - }; - - users.mutableUsers = false; - - users.users.root = { - hashedPassword = "*"; - }; - boot.bootspec.enable = true; boot.kernelPackages = pkgs.linuxPackages_latest; boot.supportedFilesystems = ["bcachefs"]; diff --git a/nixos/hosts/queen/configuration.nix b/nixos/hosts/queen/configuration.nix index 87201be..393080c 100644 --- a/nixos/hosts/queen/configuration.nix +++ b/nixos/hosts/queen/configuration.nix @@ -135,18 +135,6 @@ # users.groups.virtualMail = {}; - users.users = { - lillian = { - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGatnsrKMoZSW24Lw4meb6BAgHgeyN/8rUib4nZVT+CB lillian@EDI" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC7+LEQnC/nlYp7nQ4p6hUCqaGiqfsA3Mg8bSy+zA8Fj lillian@GLaDOS" - ]; - isNormalUser = true; - extraGroups = ["sudo" "networkmanager" "wheel" "vboxsf"]; - shell = pkgs.zsh; - }; - }; - # Enable completion of system packages by zsh environment.pathsToLink = ["/share/zsh"]; diff --git a/nixos/hosts/shodan/configuration.nix b/nixos/hosts/shodan/configuration.nix index 0eb3bed..c44bca5 100644 --- a/nixos/hosts/shodan/configuration.nix +++ b/nixos/hosts/shodan/configuration.nix @@ -211,17 +211,7 @@ enable = true; }; - users.users = { - lillian = { - openssh.authorizedKeys.keys = [ - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCnYgErCnva8fvLvsmTMC6dHJp2Fvwja0BYL8K/58ugDxNA0PVGj5PpEMar5yhi4AFGGYL4EgD75tRgI/WQU87ZiKjJ6HFIhgX9curncB2kIJ0JoA+FIQMNOT72GFuhjcO4svanrobsMrRmcn193suXY/N6m6F+3pitxBfHPWuPKKjlZqVBzpqCdz9pXoGOk48OSYv7Zyw8roVsUw3fqJqs68LRLM/winWVhVSPabXGyX7PAAW51Nbv6M64REs+V1a+wGvK5sGhRy7lIBAIuD22tuL4/PZojST1hasKN+7cSp7F1QTi4u0yeQ2+gIclQNuhfvghzl6zcVEpOycFouSIJaJjo8jyuHkbm4I2XfALVTFHe7sLpYNNS7Mf6E6i5rHvAvtXI4UBx/LjgPOj7RWZFaotxQRk1D+N0y2xNrO4ft6mS+hrJ/+ybp1XTGdtlkpUDKjiTZkV7Z4fq9J0jtijvtxRfcPhjia50IIHtZ28wVBMCCwYzh5pR15F/XbvKCc= lillian@EDI" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC7+LEQnC/nlYp7nQ4p6hUCqaGiqfsA3Mg8bSy+zA8Fj lillian@GLaDOS" - ]; - isNormalUser = true; - extraGroups = ["sudo" "networkmanager" "wheel" "vboxsf" "decky"]; - shell = pkgs.zsh; - }; - }; + users.users.lillian.extraGroups = ["decky"]; # Enable completion of system packages by zsh environment.pathsToLink = ["/share/zsh"]; diff --git a/nixos/hosts/wheatley/configuration.nix b/nixos/hosts/wheatley/configuration.nix index a463516..83e5295 100644 --- a/nixos/hosts/wheatley/configuration.nix +++ b/nixos/hosts/wheatley/configuration.nix @@ -117,18 +117,6 @@ enable = true; }; - users.users = { - lillian = { - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGatnsrKMoZSW24Lw4meb6BAgHgeyN/8rUib4nZVT+CB lillian@EDI" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC7+LEQnC/nlYp7nQ4p6hUCqaGiqfsA3Mg8bSy+zA8Fj lillian@GLaDOS" - ]; - isNormalUser = true; - extraGroups = ["sudo" "networkmanager" "wheel" "vboxsf"]; - shell = pkgs.zsh; - }; - }; - home-manager = { extraSpecialArgs = {inherit inputs outputs;}; users = { diff --git a/nixos/shared/default.nix b/nixos/shared/default.nix index 281b3e1..b7e9f15 100644 --- a/nixos/shared/default.nix +++ b/nixos/shared/default.nix @@ -10,4 +10,22 @@ ./locale ./packages ]; + sops.secrets."lillian-password".neededForUsers = true; + + users.users.lillian = { + isNormalUser = true; + extraGroups = ["sudo" "networkmanager" "wheel" "vboxsf" "docker"]; + shell = pkgs.zsh; + hashedPasswordFile = config.sops.secrets."lillian-password".path; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGatnsrKMoZSW24Lw4meb6BAgHgeyN/8rUib4nZVT+CB lillian@EDI" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC7+LEQnC/nlYp7nQ4p6hUCqaGiqfsA3Mg8bSy+zA8Fj lillian@GLaDOS" + ]; + }; + + users.mutableUsers = false; + + users.users.root = { + hashedPassword = "*"; + }; }