infra/nix/os/devices/steveej-nuc7pjyh-work/user.nix

{
  config,
  pkgs,
  ...
}: let
  passwords = import ../../../variables/passwords.crypt.nix;
  keys = import ../../../variables/keys.nix;
  inherit (import ../../lib/default.nix {inherit (pkgs) lib;}) mkUser;
in {
  users.extraUsers.sjunker = mkUser {
    uid = 1001;
    openssh.authorizedKeys.keys = keys.users.steveej.openssh;
    shell = pkgs.posh {
      image = "quay.io/enarx/fedora";
      run_args = "-v /dev/sgx:/dev/sgx";
    };
    extraGroups = ["sgx"];

    subUidRanges = [
      {
        startUid = 100000;
        count = 65536;
      }
    ];
    subGidRanges = [
      {
        startGid = 100000;
        count = 65536;
      }
    ];
  };
}