590a46c1e0
- drop unnecessary description and group - use postActivation to give build user ssh access
22 lines
611 B
Nix
22 lines
611 B
Nix
{
|
|
users.knownUsers = [ "nix" ];
|
|
|
|
users.users.nix = {
|
|
name = "nix";
|
|
uid = 8765;
|
|
home = "/Users/nix";
|
|
createHome = true;
|
|
shell = "/bin/zsh";
|
|
# if user is removed the keys need to be removed manually from /etc/ssh/authorized_keys.d
|
|
openssh.authorizedKeys.keys = [
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEmdo1x1QkRepZf7nSe+OdEWX+wOjkBLF70vX9F+xf68 builder"
|
|
];
|
|
};
|
|
|
|
# add build user to group for ssh access
|
|
system.activationScripts.postActivation.text = ''
|
|
dseditgroup -o edit -a "nix" -t user com.apple.access_ssh
|
|
'';
|
|
|
|
nix.settings.trusted-users = [ "nix" ];
|
|
}
|