reciproka-ops/profiles/users.nix
Fiscal Velvet Poet 27454a11e4
ragenix: add initial user secrets
progresses #11
2023-04-24 09:24:00 +10:00

38 lines
1.1 KiB
Nix

# Configuration common to all JFDIC servers
{
config,
pkgs,
...
}: {
age.secrets = {
root.file = ../secrets/root.age;
fiscalvelvetpoet.file = ../secrets/fiscalvelvetpoet.age;
};
# JFDIC Ops groups:
users.groups.fiscalvelvetpoet.gid = 1000;
# JFDIC Ops Users
users.users.fiscalvelvetpoet = {
isNormalUser = true;
uid = 1000;
group = "fiscalvelvetpoet";
extraGroups = ["wheel"];
# fix this
passwordFile = config.age.secrets.fiscalvelvetpoet.path;
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJDMAhG6+40YiYy9wqruHK9M2fLwYAqikJSJ/pRjR/so fiscalvelvetpoet@jfdic.org"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID7qAXTCAnqq+3ks4L8/2f4J8RxmrFaMOCA7m9ImbW2m fiscalvelvetpoet@sealgair"
];
};
users.users.root = {
# fix this
passwordFile = config.age.secrets.root.path;
openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJDMAhG6+40YiYy9wqruHK9M2fLwYAqikJSJ/pRjR/so fiscalvelvetpoet@jfdic.org"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID7qAXTCAnqq+3ks4L8/2f4J8RxmrFaMOCA7m9ImbW2m fiscalvelvetpoet@sealgair"
];
};
}