diff options
| -rw-r--r-- | config/system.nix | 4 | ||||
| -rw-r--r-- | config/users.nix | 44 |
2 files changed, 24 insertions, 24 deletions
diff --git a/config/system.nix b/config/system.nix index 5a568a2..870ca71 100644 --- a/config/system.nix +++ b/config/system.nix @@ -3,4 +3,8 @@ flake = "git+file:///etc/nixos/"; autoUpgrade.enable = true; }; + system.autoUpgrade = { + dates = "12:30"; + allowReboot = true; + }; } diff --git a/config/users.nix b/config/users.nix index 8dc27a3..777777c 100644 --- a/config/users.nix +++ b/config/users.nix @@ -1,29 +1,25 @@ -{pkgs, ...}: { - personal.user.enable = true; - users = { - users = { - nixremote = { - isSystemUser = true; - shell = pkgs.busybox-sandbox-shell; - group = "nixremote"; - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEgohiYF2Dsaq6ImGaslnKJMwpiVtwAaM9cm1tpSRr7t root@kerberos" - ]; - }; - hermes = { - isNormalUser = true; - shell = pkgs.busybox-sandbox-shell; - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGstvYymapGvkjvKbFqkMZtE9ft9uEM13n8q798HtOT+ root@hermes" - ]; - homeMode = "700"; - }; - }; - groups.nixremote = {}; +{ + lib, + pkgs, + ... +}: let + remoteBuildingUsers = { + hermes = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGstvYymapGvkjvKbFqkMZtE9ft9uEM13n8q798HtOT+ root@hermes"; + kerberos = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEgohiYF2Dsaq6ImGaslnKJMwpiVtwAaM9cm1tpSRr7t root@kerberos"; }; +in { + personal.user.enable = true; + users.users = + builtins.mapAttrs (_: key: { + isNormalUser = true; + shell = pkgs.busybox-sandbox-shell; + openssh.authorizedKeys.keys = [key]; + homeMode = "700"; + }) + remoteBuildingUsers; - system.userActivationScripts.hermesSetup = '' - if [ $(whoami) = hermes ] + system.userActivationScripts.remoteBuildingSetup = '' + if [[ $(whoami) = @(${lib.concatStringsSep "|" (builtins.attrNames remoteBuildingUsers)}) ]] then mkdir --parents --mode=700 nixos-configuration git init --bare nixos-configuration |