users: define extraGroups per-host

common/users/qenya.nix

@@ -5,11 +5,6 @@ in {
   users.users.qenya = {
     isNormalUser = true;
     home = "/home/qenya";
-    extraGroups = [
-      "wheel" # sudo
-      "networkmanager" # UI wifi configuration
-      "dialout" # access to serial ports
-    ];
     shell = pkgs.zsh;
     openssh.authorizedKeys.keys = keys.users.qenya;
     uid = 1001;

hosts/kalessin/configuration.nix

@@ -8,6 +8,7 @@
   boot.loader.systemd-boot.enable = true;
   boot.loader.efi.canTouchEfiVariables = true;
 
+  users.users.qenya.extraGroups = [ "wheel" ];
   qenya.sysadmin.enable = true;
 
   system.stateVersion = "23.11";

hosts/orm/configuration.nix

@@ -8,6 +8,7 @@
   boot.loader.systemd-boot.enable = true;
   boot.loader.efi.canTouchEfiVariables = true;
   
+  users.users.qenya.extraGroups = [ "wheel" ];
   qenya.sysadmin.enable = true;
 
   age.secrets.wireguard-peer-orm.file = ../../secrets/wireguard-peer-orm.age;

hosts/tohru/configuration.nix

@@ -43,6 +43,12 @@
   sound.enable = true;
   hardware.pulseaudio.enable = true;
 
+  users.users.qenya.extraGroups = [
+    "wheel" # sudo
+    "networkmanager" # UI wifi configuration
+    "dialout" # access to serial ports
+  ];
+
   # USB drives
   boot.supportedFilesystems = [ "ntfs" ];
 

hosts/yevaud/configuration.nix

@@ -8,6 +8,8 @@
   boot.loader.systemd-boot.enable = true;
   boot.loader.efi.canTouchEfiVariables = true;
 
+  users.users.qenya.extraGroups = [ "wheel" ];
+
   qenya.sysadmin.enable = true;
 
   age.secrets.wireguard-peer-yevaud.file = ../../secrets/wireguard-peer-yevaud.age;