jawz/NixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

remote-builder wip

Browse Source 
kasjas

dk

fix nixremote group settings

dkaskljd

sakjdaskljdas

ksajdasd
This commit is contained in:
Danilo Reyes 2023-09-24 14:31:45 -06:00
parent 28d03b2936
commit 888fba07f2
1 changed files with 26 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
workstation/configuration.org
View File

@ -189,6 +189,20 @@ Being part of the "wheel" group, means that the user has root privileges.
#+begin_src nix #+begin_src nix
users.users.root.openssh.authorizedKeys.keys = [ sshKeyBattlestation ]; users.users.root.openssh.authorizedKeys.keys = [ sshKeyBattlestation ];
users.groups.nixremote = {
name = "nixremote";
gid = 555;
};
users.users.nixremote = {
isNormalUser = true;
createHome = true;
group = "nixremote";
home = "/var/nixremote/";
openssh.authorizedKeys.keys = [
sshKeyBattlestation
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDwyCBh8BmemoclUuTdmPsad/ROu15WlfyHtUrxU/+uAPwMvgniq0QzJg4ctHxFk+Fgg7YhHlf9vRVgtnrjXONf9XqSqUfA69rMsev8unNiJytOJ4J3X2YWYJQMZmJ33zudqxcTFjDXG7n4vC+Gfu9bKEeD/h+Vov47p8/DIBW+p/IYyICt8P5BRPGDDfmDIhslqUdxpq6F2TEtI33n68je4C8yiOBTSHGKNimK/NUpyEf8LtXPSuh/DXwigse1po+ft9nZ92mH/vHfsSU7a93xDhqPiyQbjqROa4YDt8D4tzpesTnYLDEvphJ5sS8wGe7PAtXnnXjQlVH0p1uC+AMu+U4RH8szK9/TukC5OWDn4uPrmLjfHi3jRCUpUT8ZMBaotzSpj9aitGnBtl8eNfJEP2FQuYNdVXJNiLGShCPqdRo0tpA8I77+oGF81RPT6HAugJWPfRvOyd+p0fJUM9tUShZTU873deFPIt4S0y27L+qI3fu6p1lrVc7l6aXHhvc= root@battlestation"
];
};
users.users.jawz = { users.users.jawz = {
isNormalUser = true; isNormalUser = true;
extraGroups = [ "wheel" "networkmanager" "docker" extraGroups = [ "wheel" "networkmanager" "docker"
@ -199,7 +213,7 @@ users.users.jawz = {
openssh = { openssh = {
authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB5GaQM4N+yGAByibOFQOBVMV/6TjOfaGIP+NunMiK76 gpodeacero\cdreyes@100CDREYES" authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB5GaQM4N+yGAByibOFQOBVMV/6TjOfaGIP+NunMiK76 gpodeacero\cdreyes@100CDREYES"
sshKeyBattlestation sshKeyBattlestation
]; ];
}; };
#+end_src #+end_src
@ -691,22 +705,14 @@ services = {
"/mnt/disk2" "/mnt/disk2"
]; ];
}; };
openssh = let sshPort = 25152; in { openssh = {
enable = true; enable = true;
# ports = [ sshPort ];
openFirewall = true; openFirewall = true;
startWhenNeeded = true;
settings = { settings = {
PasswordAuthentication = false; PasswordAuthentication = false;
KbdInteractiveAuthentication = false; KbdInteractiveAuthentication = false;
}; };
startWhenNeeded = true;
# listenAddresses = [
# {
# addr = "0.0.0.0";
# port = 22;
# # port = sshPort;
# }
# ];
}; };
}; };
#+end_src #+end_src
@ -887,6 +893,15 @@ system = {
}; };
nix = { nix = {
settings = { settings = {
trusted-users = [ "nixremote" ];
auto-optimise-store = true;
system-features = [
"nixos-test"
"benchmark"
"big-parallel"
"kvm"
"gccarch-znver3"
];
substituters = [ substituters = [
"https://nix-gaming.cachix.org" "https://nix-gaming.cachix.org"
"https://nixpkgs-python.cachix.org" "https://nixpkgs-python.cachix.org"