Started on implementing derek's site

system/server/derek-bot.nix

@@ -76,37 +76,7 @@ in {
     users.groups.${userGroup} = {};
     users.users.${userGroup} = {
       group = userGroup;
-      isNormalUser = true;
-      home = "/home/${userGroup}";
+      isSystemUser = true;
     };
-    security.polkit.extraConfig = ''
-	polkit.addRule(function(action, subject) {
-	    polkit.log("Rule triggered. Action: " + action.id + " Unit: " + action.lookup("unit") + " User: " + subject.user);
-
-	    // For journalctl access
-	    if ((action.id == "org.freedesktop.systemd1.manage-units" || 
-		 action.id == "org.freedesktop.systemd1.unit-journal") &&
-		action.lookup("unit") == "${userGroup}.service" &&
-		subject.user == "${userGroup}") {
-		polkit.log("ALLOWING access for " + subject.user);
-		return polkit.Result.YES;
-	    }
-	});
-      polkit.addRule(function(action, subject) {
-	  if (
-	      subject.user == "${userGroup}" &&
-	      (
-		action.id == "org.freedesktop.login1.power-off" ||
-		action.id == "org.freedesktop.login1.power-off-ignore-inhibit" ||
-		action.id == "org.freedesktop.login1.power-off-multiple-sessions" ||
-		action.id == "org.freedesktop.login1.reboot" ||
-		action.id == "org.freedesktop.login1.reboot-ignore-inhibit" ||
-		action.id == "org.freedesktop.login1.reboot-multiple-sessions"
-	      )
-	  ) {
-	      return polkit.Result.NO;
-	  }
-      });
-    '';
   };
 }