Diffstat (limited to 'profiles/tzlil.nix')
-rw-r--r--profiles/tzlil.nix78
1 files changed, 78 insertions, 0 deletions
diff --git a/profiles/tzlil.nix b/profiles/tzlil.nix
new file mode 100644
index 0000000..0e242e1
--- /dev/null
+++ b/profiles/tzlil.nix
@@ -0,0 +1,78 @@
+{
+  pkgs,
+  lib,
+  config,
+  inputs,
+  ...
+}: {
+  config = {
+    age.secrets.id_ed25519 = {
+      file = ../secrets/id_ed25519.age;
+      mode = "600";
+      owner = "tzlil";
+      group = "users";
+    };
+
+    programs.fish.enable = true; # needed now
+    users.users.tzlil = {
+      isNormalUser = true;
+      extraGroups =
+        ["wheel"]
+        ++ lib.optional config.virtualisation.docker.enable "docker"
+        ++ lib.optional config.virtualisation.libvirtd.enable "libvirtd"
+        ++ lib.optional config.networking.networkmanager.enable "networkmanager"
+        ++ lib.optional config.programs.light.enable "video"
+        ++ lib.optional config.programs.adb.enable "adbusers";
+      packages = [pkgs.git];
+      shell = pkgs.fish;
+      hashedPassword = "$6$FAQYKz3OCtRNOP7h$XsApvP.r./Jv5MRI1idDI9BMnA26xxEvXFlE61Zls.QA3EK2x76XsetdpxSlgViylnRwRuq5XQMc3GeAJ7tum1";
+      # passwordFile = config.age.secrets.password.path;
+      openssh.authorizedKeys.keys = [
+        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIgPE76xQXx1kpvWavHGNOWHiZSFdGfz/rQlISGrKsDe"
+      ];
+    };
+
+    home-manager = {
+      useGlobalPkgs = true;
+      useUserPackages = true;
+      backupFileExtension = "backup";
+    };
+
+    home-manager.users.tzlil = {pkgs, ...} @ hm: {
+      home = {
+        stateVersion = "22.05";
+        username = "tzlil";
+        homeDirectory = "/home/tzlil";
+        sessionVariables.SSH_AUTH_SOCK = "/run/user/1000/ssh-agent";
+      };
+      programs.ssh = {
+        enable = true;
+        userKnownHostsFile = builtins.toFile "known_hosts" "
+          pc ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINu5lRKb1Ao4uj1tAV10QHKIvXfC8ncQ65b+oJtxrd1e
+          vm ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHS6LK6rCmJCR/rKVJYVmJTL8fAdyJSLlgC3mesd6QVS
+          vps ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMdOuj27GB703ZRKRqhytlaLJsKucaRa//yswxijAZT7
+        ";
+        matchBlocks."*".identityFile = config.age.secrets."id_ed25519".path;
+      };
+      systemd.user.services.ssh-agent = let
+        agentTimeout = "1h";
+      in {
+        Unit = {
+          Description = "SSH Agent";
+          After = ["default.target"];
+        };
+        Service = {
+          ExecStartPre = "${pkgs.coreutils}/bin/rm -f %t/ssh-agent";
+          ExecStart =
+            "${pkgs.openssh}/bin/ssh-agent "
+            + "-t ${agentTimeout} "
+            + "-a %t/ssh-agent";
+          StandardOutput = "null";
+          Type = "forking";
+          Restart = "on-failure";
+          SuccessExitStatus = "0 2";
+        };
+      };
+    };
+  };
+}
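Review bot: The `hashedPassword` literal for `tzlil` puts the SHA-512 crypt hash of a `wheel` account into the repository and, once built, into the world-readable Nix store, so anyone who can read either copy can test password guesses against it offline. The file already uses agenix for `id_ed25519` and carries a commented-out `passwordFile = config.age.secrets.password.path;`; I would enable that line, declare a matching `age.secrets.password` entry next to `age.secrets.id_ed25519`, and drop the literal. The password should then be rotated, because this hash stays in the commit history. Separately, `sessionVariables.SSH_AUTH_SOCK = "/run/user/1000/ssh-agent"` assumes uid 1000 while the unit binds `%t/ssh-agent` and `users.users.tzlil` sets no `uid`; adding `uid = 1000;` there would keep the two in agreement.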