[NixOS] Add mike and loewy

This commit is contained in:
Ivan Malison 2023-10-03 14:50:43 -06:00
parent 802cf428d3
commit 70d25f95cc
3 changed files with 45 additions and 25 deletions

View File

@ -156,7 +156,8 @@
mapValueToKeys = keys: value: builtins.listToAttrs (map (name: { inherit name value; }) keys);
realUsers = [ "root" "imalison" "kat" "dean" "alex" ];
forEachUser = mapValueToKeys realUsers;
} // specialArgs // (import ./keys.nix);
keys = (import ./keys.nix);
} // specialArgs;
});
in
{

View File

@ -28,6 +28,12 @@ rec {
alexKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP2SQkJenAX67Ze99SKOVpKDD1XvAZnxQ8RLP0dL/Ej2 alexm@MALISONSERVER"
];
mikeKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPnXd6c9xwr1yxBmxauj/FF3gnY8G11ospoM8i11mD2n countablecloud.com"
];
loewyKeys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDROb8zcXAgqR3xNpStjt8kSL2Tnic+aWVlQRkmmLveay0RDPatHVKiWtscBoFYvL19xwpi692nZjyPAGQBLMquVx8rexHUFVbs6UVM41Y/QV0UZLSlVM7xNl3nL/dQoxT8OC2a9WJThNm41EjFzzKAuUaWqjm4+uEsC9felBIzndlA5/bIn6EUkMb2X8qmOOIOod1UeVZeK0fWMoDdKsHtQjiQrrP4nLjOmrTQ+BF2yUHwFbW6SCQiXT1Jzq4zymnI717ZraTK0nXzl8amLrGGrh36TrR7pv9hWLeNIMCARvOtABMdQmrT1dI4FxLK1uKM696uzfoaZDUn58G2VGrd loewy gitlab"
];
agenixKeys = hostKeys ++ kanivanKeys;
allKeys = kanivanKeys ++ deanKeys ++ alexKeys ++ hostKeys;
allKeys = loewyKeys ++ mikeKeys ++ kanivanKeys ++ deanKeys ++ alexKeys ++ hostKeys;
}

View File

@ -1,60 +1,73 @@
{ pkgs, realUsers, forEachUser, kanivanKeys, deanKeys, alexKeys, allKeys, ... }:
{ pkgs, realUsers, forEachUser, keys, ... }:
let
extraGroups = [
"audio"
"adbusers"
"disk"
"docker"
"networkmanager"
"openrazer"
"plugdev"
"syncthing"
"systemd-journal"
"video"
"wheel"
];
userDefaults = {
inherit extraGroups;
group = "users";
isNormalUser = true;
createHome = true;
shell = pkgs.zsh;
};
extraGroups = [
"audio"
"adbusers"
"disk"
"docker"
"networkmanager"
"openrazer"
"plugdev"
"syncthing"
"systemd-journal"
"video"
];
extraGroupsWithWheel = extraGroups ++ ["wheel"];
userDefaults = {
group = "users";
isNormalUser = true;
createHome = true;
shell = pkgs.zsh;
};
in
{
security.sudo.wheelNeedsPassword = false;
users.users = {
users.users = with keys; {
syncthing = {
extraGroups = [ "syncthing" "wheel" ];
home = "/var/lib/syncthing";
createHome = true;
};
imalison = userDefaults // {
extraGroups = extraGroupsWithWheel;
name = "imalison";
shell = pkgs.zsh;
openssh.authorizedKeys.keys = kanivanKeys;
};
kat = userDefaults // {
extraGroups = extraGroupsWithWheel;
name = "kat";
shell = pkgs.zsh;
openssh.authorizedKeys.keys = kanivanKeys;
};
dean = userDefaults // {
extraGroups = extraGroupsWithWheel;
name = "dean";
shell = pkgs.zsh;
openssh.authorizedKeys.keys = kanivanKeys ++ deanKeys;
};
alex = userDefaults // {
extraGroups = extraGroupsWithWheel;
name = "alex";
shell = pkgs.zsh;
openssh.authorizedKeys.keys = kanivanKeys ++ alexKeys;
};
loewy = userDefaults // {
inherit extraGroups;
name = "loewy";
openssh.authorizedKeys.keys = kanivanKeys ++ loewyKeys;
};
mike = userDefaults // {
inherit extraGroups;
name = "mike";
openssh.authorizedKeys.keys = kanivanKeys ++ mikeKeys;
};
};
nix.settings.trusted-users = realUsers;
nix.sshServe = {
enable = true;
keys = allKeys;
keys = keys.allKeys;
};
home-manager.users = forEachUser (import ./home-manager.nix);