infra/modules/users.nix

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

31 lines
952 B
Nix
Raw Permalink Normal View History

{ flake, pkgs, ... }: {
users.users.${flake.self.username} = {
name = flake.self.username;
group = flake.self.username;
extraGroups = [ "wheel" "docker" ];
isNormalUser = true;
2024-04-03 18:54:40 +00:00
openssh.authorizedKeys.keys = flake.self.logins.admins.sshPubKeys;
};
users.groups.${flake.self.username} = { };
# TODO: Remove when we stop locking ourselves out.
2024-04-03 18:54:40 +00:00
users.users.root.openssh.authorizedKeys.keys = flake.self.logins.admins.sshPubKeys;
users.users.hakkonaut = {
description = "CI and automation user";
home = "/home/hakkonaut";
createHome = true;
useDefaultShell = true;
uid = 998;
group = "hakkonaut";
isSystemUser = true;
2024-04-03 18:54:40 +00:00
openssh.authorizedKeys.keys = flake.self.logins.robots.sshPubKeys;
};
users.groups.hakkonaut = { };
users.users.root.initialHashedPassword = "$y$j9T$bIN6GjQkmPMllOcQsq52K0$q0Z5B5.KW/uxXK9fItB8H6HO79RYAcI/ZZdB0Djke32";
security.sudo.wheelNeedsPassword = false;
}