Use ssh-keys.nix for key managment

pazpi 2024-08-30 07:55:26 +02:00
parent 189ae77b0a
commit 49c79ce951


@ -7,22 +7,7 @@
let let
cfg = config.my.utils.serverNodeUsers; cfg = config.my.utils.serverNodeUsers;
gitlabUsername = "pazpi"; gitlabUsername = "pazpi";
sshKeys = sshKeys = import ../../ssh-keys.nix;
let
localKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDhiGLc/whCY3lCmDiRlYnMJOLiO/gvcRj/sKVEFVAhQ pazpi@deadbeef"
# Add more local keys as needed
];
gitlabKeys = pkgs.lib.splitString "\n" (
builtins.readFile (
pkgs.fetchurl {
url = "https://gitlab.com/${gitlabUsername}.keys";
sha256 = "tHC4DBRO8mXBLFBqGiZlgyY5Pzpl4AMeURCni6H7IjI=";
}
)
);
in
localKeys ++ gitlabKeys;
in in
{ {
options.my.utils.serverNodeUsers = { options.my.utils.serverNodeUsers = {
@ -41,7 +26,7 @@ in
users.root = { users.root = {
hashedPassword = "!"; hashedPassword = "!";
openssh.authorizedKeys.keys = sshKeys; openssh.authorizedKeys.keys = sshKeys.infra-core;
}; };
users.pazpi = { users.pazpi = {
@ -49,7 +34,7 @@ in
hashedPassword = "$y$j9T$oWLCV1hnGPyOGabMfAS3p1$/iwouRZGwQXcv6IHnLuT3I9.pmeXNpcHxq.b8xfitr1"; hashedPassword = "$y$j9T$oWLCV1hnGPyOGabMfAS3p1$/iwouRZGwQXcv6IHnLuT3I9.pmeXNpcHxq.b8xfitr1";
shell = pkgs.bash; shell = pkgs.bash;
extraGroups = [ "wheel" ]; extraGroups = [ "wheel" ];
openssh.authorizedKeys.keys = sshKeys; openssh.authorizedKeys.keys = sshKeys.infra-core;
}; };
}; };
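Review bot: In the second hunk `users.root` is given `openssh.authorizedKeys.keys = sshKeys.infra-core`, the same key set as `users.pazpi`, who is already in `wheel`, so every key in that group can log in directly as root if the SSH daemon permits root login (its settings are not visible here). If direct root access is not required, I would drop the root line and rely on `pazpi` plus sudo, or give root a narrower group from ssh-keys.nix, so that one compromised key does not yield a root shell with no per-user trail. In the first hunk `gitlabUsername = "pazpi";` stays in the `let` block although its only visible use, the fetched `.keys` URL, is removed; delete it if nothing outside these hunks references it. The enclosing attribute sets start and end outside the hunks.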