move everything to namespace directories

author: Ben Sima <ben@bsima.me> 2019-10-27 09:48:52 -0700
committer: Ben Sima <ben@bsima.me> 2019-10-27 12:14:40 -0700
commit: c790672cc244ac4caba1bda3572829a6c6862891 (patch)
tree: 2706bb8044f7b14840c5f90f215b79b433e81045 /com/simatime/users.nix
parent: 44df4ba39f65c3afd84bee6b03f47d9b061e9038 (diff)
1 files changed, 33 insertions, 0 deletions
diff --git a/com/simatime/users.nix b/com/simatime/users.nix
new file mode 100644
index 0000000..daac9d6
--- /dev/null
+++ b/com/simatime/users.nix
@@ -0,0 +1,33 @@
+{ ... }:
+
+let
+  key = f: builtins.readFile (./keys/. + ("/" + f));
+in
+{
+  users = {
+    users = {
+      # bots
+      deploy = {
+        isNormalUser = true;
+        home = "/home/deploy";
+        openssh.authorizedKeys.keys = [ (key "deploy.pub") ];
+        extraGroups = [ "wheel" ];
+      };
+
+      # humans
+      root.openssh.authorizedKeys.keys = [ (key "ben.pub") ];
+      ben = {
+        isNormalUser = true;
+        home = "/home/ben";
+        openssh.authorizedKeys.keys = [ (key "ben.pub") ];
+        extraGroups = [ "wheel" "networkmanager" "docker" ];
+      };
+      nick = {
+        isNormalUser = true;
+        home = "/home/nick";
+        openssh.authorizedKeys.keys = [ (key "nick.pub") ];
+        extraGroups = [ "docker" ];
+      };
+    };
+  };
+}
author	Ben Sima <ben@bsima.me>	2019-10-27 09:48:52 -0700
committer	Ben Sima <ben@bsima.me>	2019-10-27 12:14:40 -0700
commit	c790672cc244ac4caba1bda3572829a6c6862891 (patch)
tree	2706bb8044f7b14840c5f90f215b79b433e81045 /com/simatime/users.nix
parent	44df4ba39f65c3afd84bee6b03f47d9b061e9038 (diff)