-{ pkgs, lib, config, ... }:
+{ flakes, pkgs, lib, config, wireguard, ... }:
let
inherit (builtins) readFile;
- #inherit (builtins.extraBuiltins) pass-chomp;
userLib = import ./lib.nix { inherit lib; };
in
{
users.users.julm = {
openssh.authorizedKeys.keys = [
- (readFile ../../sec/ssh/julm.pub)
- (readFile ../../sec/ssh/julm-mob.pub)
- (readFile ../../sec/ssh/julm-losurdo.pub)
+ (readFile (flakes.secrets + "/members/ssh/julm.pub"))
+ (readFile (flakes.secrets + "/members/ssh/julm-mob.pub"))
+ (readFile (flakes.secrets + "/members/ssh/julm-mermet.pub"))
+ (readFile (flakes.secrets + "/members/ssh/julm-losurdo.pub"))
];
- #hashedPassword = pass-chomp "members/login/julm/hashedPassword";
useDefaultShell = true;
isNormalUser = true;
uid = 1000;
#uid = userLib.mkUid "julm";
};
+/*
+networking.wireguard.interfaces."wg-intranet".peers = [
+ { allowedIPs = [ "192.168.42.3/32" ];
+ publicKey = "QV5rA6FU7PyTD7nvFI7H/X+zkjhjP5EzVHfODEpj+BM=";
+ persistentKeepalive = wireguard."wg-intranet".persistentKeepalive;
+ }
+];
+*/
}