Added a non root user

configuration.nix

@@ -60,18 +60,25 @@
     ports = [ 222 ];
     settings = {
       PasswordAuthentication = false;
-      PermitRootLogin = "prohibit-password";
+      # Disable root SSH login entirely
+      PermitRootLogin = "no";
     };
   };
 
   # SSHGuard — monitors logs for brute-force attempts and blocks offending IPs
   services.sshguard.enable = true;
 
-  # Security
+  # Security — passwordless sudo for wheel group
-  security.sudo.wheelNeedsPassword = true;
+  security.sudo = {
+    enable = true;
+    wheelNeedsPassword = false;
+  };
 
   # User configuration
-  users.users.root = {
+  users.users.kawaiipunk = {
+    isNormalUser = true;
+    # wheel group enables sudo access
+    extraGroups = [ "wheel" "docker" ];
     openssh.authorizedKeys.keys = [
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMniNzAzuI527bfk/EipqFILFayUCwYXDoZ3R7+QgYq6 kawaiipunk@ZeroCool"
     ];