✨ Add Dr. Frontend user for work, cleanup nixos modules

.sops.yaml

@@ -23,3 +23,8 @@ creation_rules:
     key_groups:
       - age:
           - *jo
+
+  - path_regex: homes/[^/]+/drfrontend/secrets/.*\.(yaml|env|json|cfg)$
+    key_groups:
+      - age:
+          - *jo

homes/x86_64-linux/drfrontend/default.nix

@@ -0,0 +1,50 @@
+{
+  pkgs,
+  config,
+  ...
+}:
+{
+  puzzlevision = {
+    themes.catppuccin.enable = true;
+    apps.zed.enable = true;
+    apps.firefox = {
+      enable = true;
+      extensions = [
+        "uBlock0@raymondhill.net"
+        "ATBC@EasonWong"
+        "languagetool-webextension@languagetool.org"
+        "firefox-enpass@enpass.io"
+        "firefox@tampermonkey.net"
+        "wappalyzer@crunchlabz.com"
+        "{7a7a4a92-a2a0-41d1-9fd7-1e92480d612d}"
+        "{d49033ac-8969-488c-afb0-5cdb73957f41}"
+      ];
+    };
+  };
+
+  sops.secrets.wakatime-cfg = {
+    format = "binary";
+    sopsFile = ./secrets/wakatime.cfg;
+    path = "${config.home.homeDirectory}/.wakatime.cfg";
+  };
+
+  home.packages = with pkgs; [
+    ## GENERAL
+    ghostty
+    teams-for-linux
+    enpass
+    youtube-music
+
+    ## WEB
+    ungoogled-chromium
+
+    ## EDITORS
+    jetbrains.phpstorm
+
+    ## RUNTIMES and CLIs for development
+    bun
+    git
+  ];
+
+  home.stateVersion = "25.05";
+}

homes/x86_64-linux/drfrontend/secrets/wakatime.cfg

@@ -0,0 +1,19 @@
+{
+	"data": "ENC[AES256_GCM,data:UAADE/aH98MYyfxL3ZkZ06lHHTRmmRVuOhiqEyF6DP35sGTC7Mpqe++MTYBDFrD4Rraeao9T2tcu3sL22p9SW9jF7Y2L1YZ9zKKUyP2y+G8PN25GqXWaNwJQG/hxcKs8km448g==,iv:SkyBC+VkwccprAomhXUzdmSQuBDfFn22MKJwjV9ZSzo=,tag:m/uUcl9r3GW3QYCajoAhYw==,type:str]",
+	"sops": {
+		"age": [
+			{
+				"recipient": "age1qcjcwh9tq8pzf2yr7m3hm2n3n3y5rlc30fpkr0eytju9w57ucgcsgcy79d",
+				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSA5VmtTRHo4NWVuU2tiZTc5\nWUVyeU54ZmtZbi9uUWNablIxSm9aZ3hadjBnCmNiVlBXS2lEbE00VFl6QVRlQk92\nMFI0TVBMVDZiQXg3VzZTaVNEd2RROTQKLS0tIEg3aGwvWXgvVldGTjZFaS95dEVP\nUmZHaGFaNndDRWY5cXBJeGY4TVVqbTgKeFTClhSmX5IQ5+7DXk4HEwTAv4uB/HCl\nVeoKUNaTHme60hWE/J12B2PvxtRa+f6diDMFg11mQkPOZwyEcQWMpg==\n-----END AGE ENCRYPTED FILE-----\n"
+			},
+			{
+				"recipient": "age1ajkq0lalyc75tjhdtpx2yshw5y3wt85fwjy24luf69rvpavg33vqw6c3tc",
+				"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBnK1NtOE9tZ0poRjdkOTBi\nbWFQbGovY1VvRDN4clJmRGdTSHlzQk5JSmtrCitSc3hnb21CMVVuclZ2YndIOWRk\naDduM3VadDBaWFRDRElZSWlUaXdUZGMKLS0tIEJOUEFoS3ZJQWtkNGFQNk1CdGxI\nSmRFQ25TSXY1S0FHQmhUbWNsT1Z2c2sKBTV2WEW+HynmrrPza8gsIQAK2V3HhYfJ\nrG6rjnzMONd+0Q6Z0KBqgoMfCTjWE9CBnm78DL16u9pRH3CwhpKabg==\n-----END AGE ENCRYPTED FILE-----\n"
+			}
+		],
+		"lastmodified": "2025-05-22T18:30:26Z",
+		"mac": "ENC[AES256_GCM,data:/aZOXw2xgQ8UZG5TIWXwHZjlofa08WM2XpPhXUbf2qrx0yyhEyZrtibalCIDdUGgzaZjt8b+qrZqgNE9o+HCUNVX9fU9yCXRL1kpksz9e6HV4S+KIrdHnEFtuRt7r8nP29BotLYoP9KKbA57lL5SYJgPINHq11CAiQLU6A8W8YI=,iv:0zvQe2wRd/qKjrqinc9kgP8RSl47xxD0LofREiK8XOc=,tag:eWhtD/X3CPHTlEZPgp0cjA==,type:str]",
+		"unencrypted_suffix": "_unencrypted",
+		"version": "3.10.2"
+	}
+}

modules/nixos/users/default.nix

@@ -61,9 +61,6 @@ in
   };
 
   config = {
-    # TODO: fix this
-    #nix.settings.trusted-users = ["root" (lib.forEach cfg (username: toString username))];
-
     # Manage users declaratively and map userConfig to users.users by name;
     users.mutableUsers = false;
     users.users = lib.mapAttrs (

systems/x86_64-nixos/puzzlevision/default.nix

@@ -19,11 +19,20 @@
       ];
     };
 
+    users.drfrontend = {
+      enable = true;
+      hashedPassword = "$6$mvK9bT756Aok54Vt$vBRnT66Vb3HL0Y5rEMJlHvKkvzVQ.KUciInTmW3FCBFT00IuFMpz3q9RhXPLTLMRPho65bTg9hMnFPb84I774.";
+      extraGroups = [
+        "wheel"
+        "docker"
+      ];
+    };
+
     archetypes.laptop.enable = true;
   };
 
   networking.extraHosts = ''
-    	127.0.0.1 dev.bl-projekte.de
+    127.0.0.1 dev.bl-projekte.de
   '';
 
   # Configure 8GB SWAP partition