infra/roles/users.nix

# NixOS module: imports every per-user module found in ../users, disables
# mutable users, and derives root's SSH authorized keys from the keys of all
# users that are members of the "wheel" group.
{ config, lib, ... }:
let
  usersDir = ../users;

  # A directory entry counts as a user module when its name ends in ".nix"
  # and it is not the shared helper "lib.nix". Selection is by file name
  # only; the entry type reported by readDir is not consulted.
  isUserModule = name: name != "lib.nix" && lib.hasSuffix ".nix" name;

  userModuleNames =
    builtins.filter isUserModule (builtins.attrNames (builtins.readDir usersDir));

  # Every matching file is imported as a module, so adding a file to ../users
  # is enough to have it evaluated on each host that uses this role. Changes
  # to that directory deserve the same review as changes to this file.
  userImports = builtins.map (name: usersDir + "/${name}") userModuleNames;

  # Declared users whose extraGroups contain "wheel".
  wheelUsers = lib.attrValues (
    lib.filterAttrs (_: u: builtins.elem "wheel" u.extraGroups) config.users.extraUsers
  );

  # One list of SSH public keys per wheel user. Only the inline `keys` option
  # is read here; keys a user supplies through `openssh.authorizedKeys.keyFiles`
  # are not collected.
  wheelKeyLists = builtins.map (u: u.openssh.authorizedKeys.keys) wheelUsers;
in
{
  imports = userImports;

  # No mutable users: accounts come from the declared configuration only.
  users.mutableUsers = false;

  # Root accepts the SSH key of every wheel user. This is only done because
  # nixops can't be deployed from any other account.
  # Consequence: putting a user into "wheel" grants that user's keys direct
  # root login over SSH, so wheel membership and the keys of wheel users are
  # the access-control boundary for root on these hosts.
  # NOTE(review): root itself should stay out of "wheel"; otherwise this
  # definition would read the very option it defines - confirm.
  users.extraUsers.root.openssh.authorizedKeys.keys =
    lib.unique (lib.flatten wheelKeyLists);
}