{ ... }: let key = f: builtins.readFile (./keys/. + ("/" + f)); in { users = { users = { # bots deploy = { isNormalUser = true; home = "/home/deploy"; openssh.authorizedKeys.keys = [ (key "deploy.pub") ]; extraGroups = [ "wheel" ]; }; # humans root.openssh.authorizedKeys.keys = [ (key "ben.pub") ]; ben = { isNormalUser = true; home = "/home/ben"; openssh.authorizedKeys.keys = [ (key "ben.pub") ]; extraGroups = [ "wheel" "networkmanager" "docker" ]; }; nick = { isNormalUser = true; home = "/home/nick"; openssh.authorizedKeys.keys = [ (key "nick.pub") ]; extraGroups = [ "docker" ]; }; }; }; }