options/machine: allow to define users without wheel

Kevin Baensch 2025-07-04 16:52:46 +02:00
parent 87e83f336f
commit 88a6a90ab2
Signed by: derped
GPG key ID: C0F1D326C7626543
10 changed files with 26 additions and 25 deletions


@ -25,7 +25,7 @@ mkIf (elem "openssh" config.machine.services) {
extraConfig =
let
users =
concatMapStrings (user: "${user.name} ") config.machine.administrators
concatMapStrings (user: "${user.name} ") config.machine.users
+ (optionalString config.services.forgejo.enable (config.services.forgejo.user + " "));
in
''
@ -36,10 +36,8 @@ mkIf (elem "openssh" config.machine.services) {
};
# Add public keys to /etc/ssh/authorized_keys.d
# This replaces users.users.*.openssh.authorizedKeys.*
sops.secrets =
fn.sopsHelper (user: "users/${user.name}/publicKey") config.machine.administrators
(user: {
path = "/etc/ssh/authorized_keys.d/${user.name}";
mode = "444";
});
sops.secrets = fn.sopsHelper (user: "users/${user.name}/publicKey") config.machine.users (user: {
path = "/etc/ssh/authorized_keys.d/${user.name}";
mode = "444";
});
}
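Review bot: Every account in `config.machine.users` is now implicitly granted SSH access, because the same list drives both the `users` string in `extraConfig` and the `sops.secrets` entries that write `/etc/ssh/authorized_keys.d/${user.name}`; defining a non-wheel account therefore also makes it reachable remotely, with no per-user opt-out. How `users` is consumed is outside the hunk (the `''` string is cut off after `in`), so this is inferred, but if it feeds an sshd allow-list the intent deserves a comment beside it, e.g. `# every entry in config.machine.users may log in over SSH and needs users/<name>/publicKey in sops`. It also looks as if a user without that secret would now fail in `fn.sopsHelper`, whose body is not shown here. If accounts without SSH access are meant to be possible, filter the list once in the `let` and reuse the filtered value for both `users` and `sops.secrets` rather than passing `config.machine.users` whole.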