Add support for creating users
Inspired by this Ansible playbook step:
- name: setup user
  hosts: new_droplet
  gather_facts: false
  tasks:
    - name: Ensure user "debian" exists
      ansible.builtin.user:
        name: debian
        shell: /bin/bash
        groups: sudo
        create_home: true
        home: /home/debian
        append: yes
        password: "{{ 'foobar123' | password_hash('sha512') }}"
    - name: add ssh key
      ansible.posix.authorized_key:
        user: debian
        state: present
        key: "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
https://docs.ansible.com/ansible/latest/collections/ansible/builtin/user_module.html
https://docs.ansible.com/ansible/latest/collections/ansible/posix/authorized_key_module.html
https://nixpkgs-manual-sphinx-markedown-example.netlify.app/configuration/user-mgmt.xml.html
Yeah, this would need support on the Rust side to save information on created users in the state file so that we can clean them up when we deactivate or remove a user from the config (something that Ansible doesn't do). I don't think I'll have the time in the near future to implement this, but I'd be happy to review a PR.
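A sketch of the state tracking described in the comment above, added here as an illustration and not taken from the project's code. It assumes the state file can be reduced to a set of user names the tool itself created; `Plan`, `plan` and `set` are hypothetical names. Accounts that were never recorded in state are never removed, and accounts dropped from the config do not linger on the host.

```rust
use std::collections::BTreeSet;

/// Actions for one activation (hypothetical type, not the project's API).
#[derive(Debug, PartialEq)]
pub struct Plan {
    pub create: BTreeSet<String>,     // accounts to add on this activation
    pub remove: BTreeSet<String>,     // accounts we created earlier, now undeclared
    pub next_state: BTreeSet<String>, // what to write back to the state file
}

/// desired:  users declared in the config
/// managed:  users the previous state file records as created by the tool
/// existing: users currently present on the host
pub fn plan(
    desired: &BTreeSet<String>,
    managed: &BTreeSet<String>,
    existing: &BTreeSet<String>,
) -> Plan {
    // Create only what is declared and missing on the host.
    let create: BTreeSet<String> = desired.difference(existing).cloned().collect();
    // Remove only accounts recorded in state that are no longer declared.
    // Anything absent from `managed` was not created by us and is left alone.
    let remove: BTreeSet<String> = managed
        .difference(desired)
        .filter(|u| existing.contains(*u))
        .cloned()
        .collect();
    // Ownership carries over for still-declared users, plus the new ones.
    // A pre-existing account that happens to be declared is not adopted.
    let next_state: BTreeSet<String> = managed
        .intersection(desired)
        .cloned()
        .chain(create.iter().cloned())
        .collect();
    Plan { create, remove, next_state }
}

/// Helper to build a set from string literals.
pub fn set(names: &[&str]) -> BTreeSet<String> {
    names.iter().map(|n| n.to_string()).collect()
}

fn main() {
    // Constructed sample: "bob" was created by an earlier activation and has
    // since been dropped from the config; "carol" was never managed.
    let p = plan(
        &set(&["debian", "alice"]),
        &set(&["debian", "bob"]),
        &set(&["root", "debian", "bob", "carol"]),
    );
    println!("{:#?}", p);
}
```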
I have heard some really interesting ideas from @nikstur and friends about overlayfs, /etc, systemd-users, and eliminating some Perl in NixOS - every activation mounts a freshly built overlay on top of /etc, IIRC (please correct me if I'm wrong @nikstur!)
I suppose there are a number of things that could be made easier if overlayfs were involved... any thoughts on that approach @R-VdP?
Might be relevant: https://github.com/nikstur/userborn
Yeah, I was already considering this!