{
  lib,
  config,
  inputs,
  ...
}: let
  cfg = config.nixos.users.leyla;
in {
  # Per-host switches for the `leyla` account. Each one is a boolean enable
  # option built with lib.mkEnableOption; the rest of this module reads them
  # through `cfg`.
  options.nixos.users.leyla = let
    inherit (lib) mkEnableOption;
  in {
    # Gates steam, noisetorch and adb in this module, and (with isTerminalUser)
    # whether leyla is a login account.
    isDesktopUser = mkEnableOption "install applications intended for desktop use";
    # Either this flag or isDesktopUser makes leyla a login account.
    isTerminalUser = mkEnableOption "install applications intended for terminal use";
    # No active line in this file reads this flag; only the commented-out
    # ollama service refers to it.
    hasGPU = mkEnableOption "installs gpu intensive programs";
  };

  config = {
    # Unfree packages are allowed unconditionally: this line is not tied to any
    # of the leyla flags, so it applies on every host that imports the module.
    nixpkgs.config = {
      allowUnfree = true;
    };

    # The password hash lives in a sops-managed file and is declared only when
    # leyla is a login account (desktop or terminal).
    sops.secrets = let
      isLoginAccount = cfg.isDesktopUser || cfg.isTerminalUser;
    in
      lib.mkIf isLoginAccount {
        "passwords/leyla" = {
          sopsFile = "${inputs.secrets}/user-passwords.yaml";
          # users.users.leyla.hashedPasswordFile in this module points at this
          # secret, so it is flagged as needed for user accounts.
          neededForUsers = true;
        };
      };

    # leyla is a regular login account when either flag is set, and a bare
    # system account otherwise.
    users.users.leyla = let
      isLoginAccount = cfg.isDesktopUser || cfg.isTerminalUser;

      loginAccount = {
        isNormalUser = true;

        # "wheel" is the administrative group on a stock NixOS sudo setup, so
        # this account should be treated as root-equivalent.
        # NOTE(review): "adbusers" is added only when isTerminalUser is off,
        # while programs.adb.enable in this module follows isDesktopUser; with
        # both flags on, adb is enabled but leyla is not in the group. Confirm
        # that is intended.
        extraGroups =
          ["networkmanager" "wheel" "dialout"]
          ++ lib.optional (!cfg.isTerminalUser) "adbusers";

        # Path of the decrypted "passwords/leyla" secret, which sops.secrets
        # declares under the same desktop-or-terminal condition.
        hashedPasswordFile = config.sops.secrets."passwords/leyla".path;

        # Public keys accepted for leyla over SSH wherever sshd is running.
        # Given the wheel membership above, each key is an administrative
        # credential: remove a key here when its machine is retired or lost.
        openssh.authorizedKeys.keys = [
          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJHeItmt8TRW43uNcOC+eIurYC7Eunc0V3LGocQqLaYj leyla@horizon"
          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKBiZkg1c2aaNHiieBX4cEziqvJVj9pcDfzUrKU/mO0I leyla@twilight"
        ];
      };

      systemAccount = {
        # No password, groups or SSH keys are assigned on this path.
        # NOTE(review): recent NixOS releases appear to require an explicit
        # `group` for system users; confirm it is set elsewhere.
        isSystemUser = true;
      };
    in
      if isLoginAccount
      then loginAccount
      else systemAccount;

    services = {
      # ollama = {
      #   enable = cfg.hasGPU;
      #   acceleration = "cuda";
      # };

      # One ed25519 key named after the machine, declared as an sshd host key
      # but stored under leyla's home directory. None of the cfg flags guards
      # this, so it is also set on hosts where leyla is only a system account.
      # NOTE(review): a host private key kept in a user's ~/.ssh can be swapped
      # by anything able to write that directory; check the directory's owner
      # and mode, or keep host keys in a root-only location.
      # NOTE(review): defining hostKeys here presumably replaces the option's
      # default key list rather than adding to it; confirm against the openssh
      # module.
      # TODO: this should reference the home directory from the user config
      openssh.hostKeys = let
        machine = config.networking.hostName;
      in [
        {
          type = "ed25519";
          rounds = 100;
          comment = "leyla@${machine}";
          path = "/home/leyla/.ssh/leyla_${machine}_ed25519";
        }
      ];
    };

    programs = {
      # Desktop-only tools; both follow isDesktopUser directly.
      adb.enable = cfg.isDesktopUser;
      noisetorch.enable = cfg.isDesktopUser;

      # Steam is configured only for desktop use. Each openFirewall switch
      # below opens ports in this host's firewall; keep only the ones that are
      # actually used, especially on machines that join untrusted networks.
      steam = lib.mkIf cfg.isDesktopUser {
        enable = true;
        # Steam Remote Play
        remotePlay = {
          openFirewall = true;
        };
        # Source Dedicated Server
        dedicatedServer = {
          openFirewall = true;
        };
        # Steam Local Network Game Transfers
        localNetworkGameTransfers = {
          openFirewall = true;
        };
      };
    };
  };
}