diff --git a/nixos-infect b/nixos-infect
index 06f0171..a8240f5 100644
--- a/nixos-infect
+++ b/nixos-infect
@@ -34,24 +34,36 @@ makeConf() {
 
   [[ -n "$doNetConf" ]] && network_import="./networking.nix # generated at runtime by nixos-infect"
   cat > /etc/nixos/configuration.nix << EOF
-{ ... }: {
-  imports = [
-    ./hardware-configuration.nix
-    $network_import
-    $NIXOS_IMPORT
-  ];
+{ ... }: 
+  let 
+  keys = [$(while read -r line; do
+      line=$(echo -n "$line" | sed 's/\r//g')
+      trimmed_line=$(echo -n "$line" | xargs)
+      echo -n "''$trimmed_line'' "
+    done <<< "$keys")]; 
+  in 
+  {
+    imports = [
+      ./hardware-configuration.nix
+      $network_import
+      $NIXOS_IMPORT
+    ];
 
-  boot.tmp.cleanOnBoot = true;
-  zramSwap.enable = ${zramswap};
-  networking.hostName = "$(hostname -s)";
-  networking.domain = "$(hostname -d)";
-  services.openssh.enable = true;
-  users.users.root.openssh.authorizedKeys.keys = [$(while read -r line; do
-    line=$(echo -n "$line" | sed 's/\r//g')
-    trimmed_line=$(echo -n "$line" | xargs)
-    echo -n "''$trimmed_line'' "
-  done <<< "$keys")];
-  system.stateVersion = "23.11";
+   
+    boot.tmp.cleanOnBoot = true;
+    zramSwap.enable = ${zramswap};
+    networking.hostName = "$(hostname -s)";
+    networking.domain = "$(hostname -d)";
+    services.openssh.enable = true;
+    security.sudo.wheelNeedsPassword = false;
+    system.stateVersion = "23.11";
+    users.users.root.openssh.authorizedKeys.keys = keys;
+    users.users.sammy = {
+      isNormalUser = true;
+      extraGroups = [ "wheel" ];
+      openssh.authorizedKeys.keys = keys;
+    };
+  };
 }
 EOF