rrvsh/pantheon
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

refactor(nixos/ssh): add authorizedKeys to ssh module & rm from users

Browse source
This commit is contained in:
Mohammad Rafiq 2025-07-07 18:18:57 +08:00
parent b63959f307
commit bf260096d5
No known key found for this signature in database
2 changed files with 18 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

3
nix/modules/users.nix
View file

@ -11,8 +11,6 @@ in
#TODO: move sudo/security options elsewhere
# security.sudo.wheelNeedsPassword = false;
# nix.settings.trusted-users = [ "@wheel" ];
#TODO: move ssh key settings elsewhere
# users.users.root.openssh.authorizedKeys.keys = [ owner.pubkey ];
# persist uids and gids
persistDirs = [ "/var/lib/nixos" ];
users = {
@ -23,7 +21,6 @@ in
isNormalUser = true;
hashedPasswordFile = config.sops.secrets."${name}/hashedPassword".path;
extraGroups = optional (value.primary or false) "wheel";
openssh.authorizedKeys.keys = [ value.pubkey ];
}
);
};