25 lines
578 B
Nix
25 lines
578 B
Nix
{
|
|
lib,
|
|
self,
|
|
...
|
|
}: {
|
|
nix.settings.trusted-users = ["deploy"]; # trust closures created by our user
|
|
|
|
users.groups.deploy = {};
|
|
users.users.deploy = {
|
|
isSystemUser = false;
|
|
isNormalUser = true; # i want a home directory for some things
|
|
useDefaultShell = true;
|
|
group = "deploy";
|
|
extraGroups = ["wheel"];
|
|
|
|
hashedPassword = lib.mkForce null;
|
|
hashedPasswordFile = lib.mkForce null;
|
|
password = lib.mkForce null;
|
|
passwordFile = lib.mkForce null;
|
|
|
|
openssh.authorizedKeys.keyFiles = [
|
|
(self + /sshKeys/xun_nixdesk)
|
|
];
|
|
};
|
|
}
|