]> Git — Sourcephile - sourcephile-nix.git/blob - servers/losurdo/users.nix
nix: enable nix run servers.$server.install
[sourcephile-nix.git] / servers / losurdo / users.nix
1 { pkgs, lib, config, ... }:
2 let
3 inherit (builtins.extraBuiltins) pass-chomp;
4 inherit (config.users) users;
5 in
6 {
7 imports = [
8 ../../members/julm.nix
9 ];
10
11 nix.trustedUsers = [
12 users."julm".name
13 ];
14
15 users = {
16 mutableUsers = false;
17 users = {
18 root = {
19 openssh.authorizedKeys.keys =
20 users."julm".openssh.authorizedKeys.keys;
21 };
22 julm = {
23 hashedPassword = pass-chomp "servers/losurdo/login/julm/hashedPassword";
24 };
25 };
26 groups = {
27 wheel = {
28 members = [
29 users."julm".name
30 ];
31 };
32 };
33 };
34
35 install.shellHook = ''
36 pass "servers/losurdo/root/ssh/id_ed25519" |
37 ssh "$target" install -m 0400 -o root -g root /dev/stdin \
38 /root/.ssh/id_ed25519
39 '';
40 }