diff options
Diffstat (limited to 'modules/nixos/profiles/server.nix')
| -rw-r--r-- | modules/nixos/profiles/server.nix | 18 |
1 files changed, 8 insertions, 10 deletions
diff --git a/modules/nixos/profiles/server.nix b/modules/nixos/profiles/server.nix index d54285d..8934863 100644 --- a/modules/nixos/profiles/server.nix +++ b/modules/nixos/profiles/server.nix @@ -18,10 +18,6 @@ in { options.profiles.server = { enable = lib.mkEnableOption "the Server profile"; - - hostUser = lib.mkEnableOption "a default interactive user" // { - default = true; - }; }; config = lib.mkIf cfg.enable ( @@ -36,6 +32,10 @@ in boot.tmp.cleanOnBoot = lib.mkDefault true; + borealis.users = { + system.enable = true; + }; + # We don't need it here documentation.enable = false; @@ -65,17 +65,15 @@ in secrets.enable = true; }; + # I use exclusively Tailscale auth on some machines + users.allowNoPasswordLogin = true; + zramSwap.enable = true; } - (lib.mkIf cfg.hostUser { + (lib.mkIf config.borealis.users.system.enable { # Hardening access to `nix` as no other users *should* ever really touch it nix.settings.allowed-users = [ config.networking.hostName ]; - - users.users.${config.networking.hostName} = { - isNormalUser = true; - extraGroups = [ "wheel" ]; - }; }) ] ); |