]> Git — Sourcephile - sourcephile-nix.git/blob - members/julm.nix
sourcephile / git / sourcephile-nix.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
wireguard: setup in initrd
[sourcephile-nix.git] / members / julm.nix
1 { pkgs, lib, config, wireguard, ... }:
2 let
3 inherit (builtins) readFile;
4 #inherit (builtins.extraBuiltins) pass-chomp;
5 userLib = import ./lib.nix { inherit lib; };
6 in
7 {
8 users.users.julm = {
9 openssh.authorizedKeys.keys = [
10 (readFile ../../sec/ssh/julm.pub)
11 (readFile ../../sec/ssh/julm-mob.pub)
12 (readFile ../../sec/ssh/julm-mermet.pub)
13 (readFile ../../sec/ssh/julm-losurdo.pub)
14 ];
15 #hashedPassword = pass-chomp "members/login/julm/hashedPassword";
16 useDefaultShell = true;
17 isNormalUser = true;
18 uid = 1000;
19 #uid = userLib.mkUid "julm";
20 };
21 networking.wireguard.interfaces."wg-intranet".peers = [
22 { allowedIPs = [ "192.168.42.3/32" ];
23 publicKey = "QV5rA6FU7PyTD7nvFI7H/X+zkjhjP5EzVHfODEpj+BM=";
24 persistentKeepalive = wireguard."wg-intranet".persistentKeepalive;
25 }
26 ];
27 }
NixOS configurations for Sourcephile's infrastructure