# NixOS module: authorises the SSH public keys of every `wheel` member for the
# `root` and `deploy` accounts, and lets `deploy` run any command through sudo
# without a password.
{ config, pkgs, lib, ... }: let
  # TODO: solve lib usage
  inherit (lib.lists) concatMap elem filter;

  # Every declared user whose extraGroups contains "wheel".
  wheelUsers = filter
    (user: elem "wheel" user.extraGroups)
    (builtins.attrValues config.users.users);

  # Settings shared by the two accounts below.
  commonUser = {
    # Union of all wheel members' authorised keys. Adding a key to any wheel
    # user therefore also authorises it for `root` and `deploy`, so each such
    # key should be reviewed as if it granted root.
    # NOTE(review): this reads config.users.users while also defining entries
    # in it; it presumably relies on `root` and `deploy` not being in `wheel`
    # themselves, otherwise the value would refer to itself - confirm.
    # NOTE(review): whether sshd accepts these keys for `root` depends on
    # sshd settings that are not part of this file.
    openssh.authorizedKeys.keys =
      concatMap (user: user.openssh.authorizedKeys.keys) wheelUsers;
  };
in {
  # `deploy` may run ALL commands with NOPASSWD, so holding one of the keys
  # above is equivalent to root on this host. SETENV additionally lets the
  # caller choose the environment of the command it runs.
  # NOTE(review): if the deployment tool only needs a fixed set of commands,
  # narrowing `command` and dropping SETENV would reduce what a stolen key
  # can do; sudo logs for `deploy` are worth monitoring either way.
  security.sudo.extraRules = [
    {
      users = [ "deploy" ];
      commands = [
        {
          command = "ALL";
          options = [ "NOPASSWD" "SETENV" ];
        }
      ];
    }
  ];

  users.users.root = commonUser;
  users.users.deploy = commonUser // { isNormalUser = true; };
}