unexplrd/nixos-blueprint
2
2
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

hosts/dunamis: add userborn

Browse Source 
Signed-off-by: unexplrd <unexplrd@linerds.us>
This commit is contained in:
unexplrd
2025-04-30 00:33:56 +03:00
parent 3bf0d20c63
commit 86ea201653
2 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
hosts/dunamis/services.nix
View File

@ -5,6 +5,7 @@
fwupd.enable = true; fwupd.enable = true;
openssh.enable = true; openssh.enable = true;
syncthing.openDefaultPorts = true; syncthing.openDefaultPorts = true;
userborn.enable = true;
dnscrypt-proxy2 = { dnscrypt-proxy2 = {
enable = true; enable = true;
settings = { settings = {

3
hosts/dunamis/users.nix
View File

@ -6,6 +6,7 @@
}: let }: let
inherit (config.sops) secrets; inherit (config.sops) secrets;
inherit (inputs) mysecrets; inherit (inputs) mysecrets;
sshKeys = f: "${mysecrets}/ssh/user/id_${f}_ed25519.pub";
in { in {
nix.settings.trusted-users = ["user" "nix-ssh"]; nix.settings.trusted-users = ["user" "nix-ssh"];
users.mutableUsers = false; users.mutableUsers = false;
@ -15,7 +16,7 @@ in {
extraGroups = ["wheel" "video" "libvirtd" "dialout"]; extraGroups = ["wheel" "video" "libvirtd" "dialout"];
isNormalUser = true; isNormalUser = true;
shell = pkgs.fish; shell = pkgs.fish;
openssh.authorizedKeys.keyFiles = map (f: "${mysecrets}/ssh/user/id_${f}_ed25519.pub") [ openssh.authorizedKeys.keyFiles = map sshKeys [
"dunamis" "dunamis"
"eldrid" "eldrid"
"sarien" "sarien"