Com/Simatime/users.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33

{ ... }:

let
  key = f: builtins.readFile (./keys/. + ("/" + f));
in
{
  users = {
    users = {
      # bots
      deploy = {
        isNormalUser = true;
        home = "/home/deploy";
        openssh.authorizedKeys.keys = [ (key "deploy.pub") ];
        extraGroups = [ "wheel" ];
      };

      # humans
      root.openssh.authorizedKeys.keys = [ (key "ben.pub") ];
      ben = {
        isNormalUser = true;
        home = "/home/ben";
        openssh.authorizedKeys.keys = [ (key "ben.pub") ];
        extraGroups = [ "wheel" "networkmanager" "docker" ];
      };
      nick = {
        isNormalUser = true;
        home = "/home/nick";
        openssh.authorizedKeys.keys = [ (key "nick.pub") ];
        extraGroups = [ "docker" ];
      };
    };
  };
}