nixos/modules/users.nix

{config, lib, ...}:
with builtins;
with lib;
let adminGroups =
  filter (x: hasAttr x config.users.groups) [ "users" "networkmanager" "wheel" "keyd" "tss" "plugdev" "uinput" "tss" "disk" "dialout" "kvm" "docker" "libvirtd" ]
  ;
adminUser = name: { hashedPassword, sshKeys ? [], ...}@options: {
  users.users."${name}" = {
    isNormalUser = true;
    description = name;
    linger = true;
    extraGroups = adminGroups;
    hashedPassword = hashedPassword;
    openssh.authorizedKeys.keys = if (isList sshKeys) then sshKeys else [ sshKeys ];
  };
};
in
{ config = mkMerge [
    (adminUser "james" {
      hashedPassword = "$6$rounds=3329299$pm3dw//wbFgSL3vc$9oXIvCyHqvQHpcn0cvn686mlbt5T4Qd4c5vgSdI8oNhVGXb7pteLyzN.b2pJ3w22NsPovWoL9M.ScyJXRTPP10";
      sshKeys = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA2FMpfO9p2xfATWwaqpT3cGwYOtraiTMfmRXDBI7jrR james";
    })
];}