From a6a0f2650d9e9484d88bc1f4c7e8d1a973b0175e Mon Sep 17 00:00:00 2001
From: pazpi <pasettodavide@gmail.com>
Date: Tue, 27 Aug 2024 11:21:07 +0200
Subject: [PATCH] Set users and ssh auth keys for guest nodes

---
 modules/utils/server-node-users.nix | 45 +++++++++++++++++++++++++++++
 1 file changed, 45 insertions(+)
 create mode 100644 modules/utils/server-node-users.nix

diff --git a/modules/utils/server-node-users.nix b/modules/utils/server-node-users.nix
new file mode 100644
index 0000000..d5db075
--- /dev/null
+++ b/modules/utils/server-node-users.nix
@@ -0,0 +1,45 @@
+{
+  lib,
+  config,
+  pkgs,
+  ...
+}:
+let
+  cfg = config.serverUsers;
+in
+{
+  options.serverUsers = {
+    enable = lib.mkEnableOption "Set users for server hosts";
+  };
+
+  config = lib.mkIf cfg.enable {
+    users = {
+
+      # If set to false, the contents of the user and group files will simply
+      # be replaced on system activation.
+      # This also holds for the user passwords.
+      # All changed passwords will be reset according
+      # to the `users.users` configuration on activation.
+      mutableUsers = false;
+
+      users.root = {
+        hashedPassword = "!";
+        openssh.authorizedKeys.keys = [
+          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDhiGLc/whCY3lCmDiRlYnMJOLiO/gvcRj/sKVEFVAhQ pazpi@deadbeef"
+        ];
+      };
+
+      users.pazpi = {
+        isNormalUser = true;
+        hashedPassword = "$y$j9T$oWLCV1hnGPyOGabMfAS3p1$/iwouRZGwQXcv6IHnLuT3I9.pmeXNpcHxq.b8xfitr1";
+        shell = pkgs.bash;
+        extraGroups = [ "wheel" ];
+        openssh.authorizedKeys.keys = [
+          "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDhiGLc/whCY3lCmDiRlYnMJOLiO/gvcRj/sKVEFVAhQ pazpi@deadbeef"
+        ];
+      };
+
+    };
+  };
+
+}