{ pkgs, lib, config, inputs, ... }: { config = { age.secrets.id_ed25519 = { file = ../secrets/id_ed25519.age; mode = "600"; owner = "tzlil"; group = "users"; }; programs.fish.enable = true; # needed now users.users.tzlil = { isNormalUser = true; extraGroups = ["wheel"] ++ lib.optional config.virtualisation.docker.enable "docker" ++ lib.optional config.virtualisation.libvirtd.enable "libvirtd" ++ lib.optional config.networking.networkmanager.enable "networkmanager" ++ lib.optional config.programs.light.enable "video" ++ lib.optional config.programs.adb.enable "adbusers"; packages = [pkgs.git]; shell = pkgs.fish; hashedPassword = "$6$FAQYKz3OCtRNOP7h$XsApvP.r./Jv5MRI1idDI9BMnA26xxEvXFlE61Zls.QA3EK2x76XsetdpxSlgViylnRwRuq5XQMc3GeAJ7tum1"; # passwordFile = config.age.secrets.password.path; createHome = true; openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIgPE76xQXx1kpvWavHGNOWHiZSFdGfz/rQlISGrKsDe" ]; }; home-manager = { useGlobalPkgs = true; useUserPackages = true; backupFileExtension = "backup"; }; home-manager.users.tzlil = {pkgs, ...} @ hm: { home = { username = "tzlil"; homeDirectory = "/home/tzlil"; sessionVariables.SSH_AUTH_SOCK = "/run/user/1000/ssh-agent"; }; programs.ssh = { enable = true; userKnownHostsFile = builtins.toFile "known_hosts" " pc ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINu5lRKb1Ao4uj1tAV10QHKIvXfC8ncQ65b+oJtxrd1e vm ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHS6LK6rCmJCR/rKVJYVmJTL8fAdyJSLlgC3mesd6QVS vps ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMdOuj27GB703ZRKRqhytlaLJsKucaRa//yswxijAZT7 "; matchBlocks."*".identityFile = config.age.secrets."id_ed25519".path; }; systemd.user.services.ssh-agent = let agentTimeout = "1h"; in { Unit = { Description = "SSH Agent"; }; Install = { WantedBy = ["default.target"]; }; Service = { ExecStartPre = "${pkgs.coreutils}/bin/rm -f %t/ssh-agent"; ExecStart = "${pkgs.openssh}/bin/ssh-agent " + "-t ${agentTimeout} " + "-a %t/ssh-agent"; StandardOutput = "null"; Type = "forking"; Restart = "on-failure"; SuccessExitStatus = "0 2"; }; }; }; }; }