forked from colonelpanic/dotfiles
[NixOS] Add mike and loewy
This commit is contained in:
parent
802cf428d3
commit
70d25f95cc
@ -156,7 +156,8 @@
|
|||||||
mapValueToKeys = keys: value: builtins.listToAttrs (map (name: { inherit name value; }) keys);
|
mapValueToKeys = keys: value: builtins.listToAttrs (map (name: { inherit name value; }) keys);
|
||||||
realUsers = [ "root" "imalison" "kat" "dean" "alex" ];
|
realUsers = [ "root" "imalison" "kat" "dean" "alex" ];
|
||||||
forEachUser = mapValueToKeys realUsers;
|
forEachUser = mapValueToKeys realUsers;
|
||||||
} // specialArgs // (import ./keys.nix);
|
keys = (import ./keys.nix);
|
||||||
|
} // specialArgs;
|
||||||
});
|
});
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
|
@ -28,6 +28,12 @@ rec {
|
|||||||
alexKeys = [
|
alexKeys = [
|
||||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP2SQkJenAX67Ze99SKOVpKDD1XvAZnxQ8RLP0dL/Ej2 alexm@MALISONSERVER"
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP2SQkJenAX67Ze99SKOVpKDD1XvAZnxQ8RLP0dL/Ej2 alexm@MALISONSERVER"
|
||||||
];
|
];
|
||||||
|
mikeKeys = [
|
||||||
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPnXd6c9xwr1yxBmxauj/FF3gnY8G11ospoM8i11mD2n countablecloud.com"
|
||||||
|
];
|
||||||
|
loewyKeys = [
|
||||||
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDROb8zcXAgqR3xNpStjt8kSL2Tnic+aWVlQRkmmLveay0RDPatHVKiWtscBoFYvL19xwpi692nZjyPAGQBLMquVx8rexHUFVbs6UVM41Y/QV0UZLSlVM7xNl3nL/dQoxT8OC2a9WJThNm41EjFzzKAuUaWqjm4+uEsC9felBIzndlA5/bIn6EUkMb2X8qmOOIOod1UeVZeK0fWMoDdKsHtQjiQrrP4nLjOmrTQ+BF2yUHwFbW6SCQiXT1Jzq4zymnI717ZraTK0nXzl8amLrGGrh36TrR7pv9hWLeNIMCARvOtABMdQmrT1dI4FxLK1uKM696uzfoaZDUn58G2VGrd loewy gitlab"
|
||||||
|
];
|
||||||
agenixKeys = hostKeys ++ kanivanKeys;
|
agenixKeys = hostKeys ++ kanivanKeys;
|
||||||
allKeys = kanivanKeys ++ deanKeys ++ alexKeys ++ hostKeys;
|
allKeys = loewyKeys ++ mikeKeys ++ kanivanKeys ++ deanKeys ++ alexKeys ++ hostKeys;
|
||||||
}
|
}
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
{ pkgs, realUsers, forEachUser, kanivanKeys, deanKeys, alexKeys, allKeys, ... }:
|
{ pkgs, realUsers, forEachUser, keys, ... }:
|
||||||
let
|
let
|
||||||
extraGroups = [
|
extraGroups = [
|
||||||
"audio"
|
"audio"
|
||||||
@ -11,10 +11,9 @@ let
|
|||||||
"syncthing"
|
"syncthing"
|
||||||
"systemd-journal"
|
"systemd-journal"
|
||||||
"video"
|
"video"
|
||||||
"wheel"
|
|
||||||
];
|
];
|
||||||
|
extraGroupsWithWheel = extraGroups ++ ["wheel"];
|
||||||
userDefaults = {
|
userDefaults = {
|
||||||
inherit extraGroups;
|
|
||||||
group = "users";
|
group = "users";
|
||||||
isNormalUser = true;
|
isNormalUser = true;
|
||||||
createHome = true;
|
createHome = true;
|
||||||
@ -23,38 +22,52 @@ let
|
|||||||
in
|
in
|
||||||
{
|
{
|
||||||
security.sudo.wheelNeedsPassword = false;
|
security.sudo.wheelNeedsPassword = false;
|
||||||
users.users = {
|
users.users = with keys; {
|
||||||
syncthing = {
|
syncthing = {
|
||||||
extraGroups = [ "syncthing" "wheel" ];
|
extraGroups = [ "syncthing" "wheel" ];
|
||||||
home = "/var/lib/syncthing";
|
home = "/var/lib/syncthing";
|
||||||
createHome = true;
|
createHome = true;
|
||||||
};
|
};
|
||||||
imalison = userDefaults // {
|
imalison = userDefaults // {
|
||||||
|
extraGroups = extraGroupsWithWheel;
|
||||||
name = "imalison";
|
name = "imalison";
|
||||||
shell = pkgs.zsh;
|
shell = pkgs.zsh;
|
||||||
openssh.authorizedKeys.keys = kanivanKeys;
|
openssh.authorizedKeys.keys = kanivanKeys;
|
||||||
};
|
};
|
||||||
kat = userDefaults // {
|
kat = userDefaults // {
|
||||||
|
extraGroups = extraGroupsWithWheel;
|
||||||
name = "kat";
|
name = "kat";
|
||||||
shell = pkgs.zsh;
|
shell = pkgs.zsh;
|
||||||
openssh.authorizedKeys.keys = kanivanKeys;
|
openssh.authorizedKeys.keys = kanivanKeys;
|
||||||
};
|
};
|
||||||
dean = userDefaults // {
|
dean = userDefaults // {
|
||||||
|
extraGroups = extraGroupsWithWheel;
|
||||||
name = "dean";
|
name = "dean";
|
||||||
shell = pkgs.zsh;
|
shell = pkgs.zsh;
|
||||||
openssh.authorizedKeys.keys = kanivanKeys ++ deanKeys;
|
openssh.authorizedKeys.keys = kanivanKeys ++ deanKeys;
|
||||||
};
|
};
|
||||||
alex = userDefaults // {
|
alex = userDefaults // {
|
||||||
|
extraGroups = extraGroupsWithWheel;
|
||||||
name = "alex";
|
name = "alex";
|
||||||
shell = pkgs.zsh;
|
shell = pkgs.zsh;
|
||||||
openssh.authorizedKeys.keys = kanivanKeys ++ alexKeys;
|
openssh.authorizedKeys.keys = kanivanKeys ++ alexKeys;
|
||||||
};
|
};
|
||||||
|
loewy = userDefaults // {
|
||||||
|
inherit extraGroups;
|
||||||
|
name = "loewy";
|
||||||
|
openssh.authorizedKeys.keys = kanivanKeys ++ loewyKeys;
|
||||||
|
};
|
||||||
|
mike = userDefaults // {
|
||||||
|
inherit extraGroups;
|
||||||
|
name = "mike";
|
||||||
|
openssh.authorizedKeys.keys = kanivanKeys ++ mikeKeys;
|
||||||
|
};
|
||||||
};
|
};
|
||||||
|
|
||||||
nix.settings.trusted-users = realUsers;
|
nix.settings.trusted-users = realUsers;
|
||||||
nix.sshServe = {
|
nix.sshServe = {
|
||||||
enable = true;
|
enable = true;
|
||||||
keys = allKeys;
|
keys = keys.allKeys;
|
||||||
};
|
};
|
||||||
|
|
||||||
home-manager.users = forEachUser (import ./home-manager.nix);
|
home-manager.users = forEachUser (import ./home-manager.nix);
|
||||||
|
Loading…
Reference in New Issue
Block a user