sercanto/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

modules/darwin: refactor users

Browse source
This commit is contained in:
zowoq 2024-09-12 14:23:03 +10:00
parent 4d1c91f39c
commit 939bed0be1
2 changed files with 20 additions and 17 deletions
modules/darwin/common
default.nixusers.nix

18
modules/darwin/common/default.nix
View file

@ -1,12 +1,4 @@
{ inputs, pkgs, ... }: { inputs, pkgs, ... }:
let
authorizedKeys = {
keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDPVjRBomWFJNNkZb0g5ymLmc3pdRddIScitmJ9yC+ap" # deployment
];
keyFiles = pkgs.lib.filesystem.listFilesRecursive "${toString inputs.self}/users/keys";
};
in
{ {
imports = [ imports = [
./apfs-cleanup.nix ./apfs-cleanup.nix
@ -16,18 +8,12 @@ in
./software-update.nix ./software-update.nix
./telegraf.nix ./telegraf.nix
./upgrade-diff.nix ./upgrade-diff.nix
./users.nix
../../shared/known-hosts.nix ../../shared/known-hosts.nix
../../shared/nix-daemon.nix ../../shared/nix-daemon.nix
inputs.agenix.darwinModules.age inputs.agenix.darwinModules.age
]; ];
# TODO: refactor this to share /users with nixos
users.users = {
customer.openssh = {
inherit authorizedKeys;
};
};
services.nix-daemon.enable = true; services.nix-daemon.enable = true;
programs.zsh.enable = true; programs.zsh.enable = true;
@ -36,8 +22,6 @@ in
programs.info.enable = false; programs.info.enable = false;
nix.settings.trusted-users = [ "@admin" ];
# srvos # srvos
nix.settings.builders-use-substitutes = true; nix.settings.builders-use-substitutes = true;

19
modules/darwin/common/users.nix Normal file
View file

@ -0,0 +1,19 @@
{ inputs, pkgs, ... }:
let
authorizedKeys = {
keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDPVjRBomWFJNNkZb0g5ymLmc3pdRddIScitmJ9yC+ap" # deployment
];
keyFiles = pkgs.lib.filesystem.listFilesRecursive "${inputs.self}/users/keys";
};
in
{
# TODO: refactor this to share /users with nixos
users.users = {
customer.openssh = {
inherit authorizedKeys;
};
};
nix.settings.trusted-users = [ "@admin" ];
}