Common; disable mutable users

Common: set toast password
2025-12-19 12:20:35 +01:00 · 2025-12-19 12:14:24 +01:00
2 changed files with 10 additions and 4 deletions
--- a/flake.lock
+++ b/flake.lock
@ -524,11 +524,11 @@
    "secrets": {
      "flake": false,
      "locked": {
-        "lastModified": 1765212399,
+        "lastModified": 1766142512,
-        "narHash": "sha256-QEjuaK17HddWr0ZBRhsg3nt4QhSxQZ1i9YO2ctV045c=",
+        "narHash": "sha256-h/vlxWqgEGbnrTWAFW+TCTJSQ1mAlkWyMM3HyHeqpF4=",
        "ref": "refs/heads/main",
-        "rev": "43c8697580bb389aea565459802c3b9827aa2d3d",
+        "rev": "b87ab22fedeb4187669f1e546f18fb7d781721ba",
-        "revCount": 38,
+        "revCount": 40,
        "type": "git",
        "url": "ssh://forgejo@git.toast003.xyz:4222/Toast/nix-secrets"
      },
--- a/roles/common/configuration.nix
+++ b/roles/common/configuration.nix
@ -90,10 +90,12 @@
  };
  # Set up my user
  users.mutableUsers = false;
  users.users.toast = {
    isNormalUser = true;
    description = "Toast";
    extraGroups = ["wheel"];
    hashedPasswordFile = config.sops.secrets.toast.path;
  };
  # Set up time zone.
@ -162,6 +164,10 @@
  sops = {
    age.sshKeyPaths = ["/persist/id_host"];
    defaultSopsFile = "${flakeSelf.inputs.secrets}/${config.networking.hostName}.yaml";
    secrets.toast = {
      sopsFile = "${flakeSelf.inputs.secrets}/passwd.yaml";
      neededForUsers = true;
    };
  };
  catppuccin.grub.enable = true;
Author	SHA1	Message	Date
Toast	b5a8a9a545	Common; disable mutable users	2025-12-19 12:20:35 +01:00
Toast	6365f7b4f3	Common: set toast password	2025-12-19 12:14:24 +01:00