From e5bdcd0543a3127f0aab35ae9126b671409228a6 Mon Sep 17 00:00:00 2001
From: "quentin@aristote.fr"
Date: Sun, 16 Mar 2025 12:43:03 +0100
Subject: nixos: remote building: add user option
---
 modules/nixos/personal/nix.nix | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/modules/nixos/personal/nix.nix b/modules/nixos/personal/nix.nix
index a141057..b85f550 100644
--- a/modules/nixos/personal/nix.nix
+++ b/modules/nixos/personal/nix.nix
@@ -46,6 +46,10 @@ in {
 domain = lib.mkOption {
 type = lib.types.str;
 };
+ user = lib.mkOption {
+ type = lib.types.str;
+ default = "nixremote";
+ };
 protocol = lib.mkOption {
 type = lib.types.str;
 # Nix custom ssh-variant that avoids lots of "trusted-users" settings pain
@@ -222,10 +226,10 @@ in {
 Host hephaistos.${domain}
 # Prevent using ssh-agent or another keyfile, useful for testing
 IdentitiesOnly yes
- IdentityFile /etc/ssh/nixremote
+ IdentityFile /etc/ssh/${user}
 # The weakly privileged user on the remote builder
 # If not set, 'root' is used – which will hopefully fail
- User nixremote
+ User ${user}
 '';
 knownHosts."hephaistos.${domain}".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHvtqi8tziBuviUV8LDK2ddQQUbHdJYB02dgWTK5Olxq";
 };
-- 
cgit v1.2.3
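Review bot: The new `user` option in the first hunk is an unconstrained `lib.types.str` with no `description`, yet the second hunk splices its value into both an `IdentityFile` path and a `User` line of the generated ssh config. A value containing whitespace, a slash or a newline would redirect the key path or add extra ssh_config directives, so the type is worth narrowing, for example `type = lib.types.strMatching "[a-z_][a-z0-9_-]*";`. A `description = "Unprivileged account used to log in to the remote builder; also names the key file under /etc/ssh.";` would make that coupling visible to whoever overrides the default.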
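Review bot: In the second hunk, `IdentityFile /etc/ssh/${user}` ties the private key's filename to the login name, so overriding `user` silently points ssh at a key file that may not have been provisioned, and with `IdentitiesOnly yes` there is no fallback identity. Either keep the key path independent of the account name or state the requirement next to the line, e.g. `# Key file is named after the remote user; it must exist and be readable by root only`. The retained comment "If not set, 'root' is used" no longer describes a reachable case, since the option now always has a value, and the enclosing ssh config string begins outside this hunk.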