Biz/Users.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59

{ config, lib, ... }:

let
  readKeys = k: lib.trivial.pipe k [
    builtins.readFile
    (lib.strings.splitString "\n")
    (lib.filter (s: s != ""))
  ];
in {
  users.groups = {
    # group for publishing web data
    "www-data" = {};
  };
  users.motd = ''

  welcome to the simatime network!
  your host is '${config.networking.hostName}'

  '';
  users.mutableUsers = false;
  users.users = { #
    # bots
    #
    deploy = {
      isNormalUser = true;
      home = "/home/deploy";
      openssh.authorizedKeys.keys = readKeys ./Keys/Deploy.pub;
      extraGroups = [ "wheel" ];
    };
    #
    # humans
    #
    root.openssh.authorizedKeys.keys = readKeys ./Keys/Ben.pub;

    ben = {
      description = "Ben Sima";
      isNormalUser = true;
      home = "/home/ben";
      openssh.authorizedKeys.keys = readKeys ./Keys/Ben.pub;
      extraGroups = [ "wheel" "docker" "bitcoind-mainnet" "git" ];
      hashedPassword =
        "$6$SGhdoRB6DhWe$elW8RQE1ebe8JKf1ALW8jGZTPCyn2rpq/0J8MV/A9y8qFMEhA.Z2eiexMgptohZAK5kcGOc6HIUgNzJqnDUvY.";
    };
    dre = {
      description = "Andres Ulloa";
      isNormalUser = true;
      home = "/home/dre";
      openssh.authorizedKeys.keys = readKeys ./Keys/Dre.pub;
      extraGroups = [ "wheel" "git" ];
    };
    nick = {
      description = "Nick Sima";
      isNormalUser = true;
      home = "/home/nick";
      openssh.authorizedKeys.keys = readKeys ./Keys/Nick.pub;
      extraGroups = [ "docker" "git" ];
    };
  };
}