46 lines
1.2 KiB
Nix
46 lines
1.2 KiB
Nix
{
|
|
lib,
|
|
config,
|
|
inputs,
|
|
pkgs,
|
|
...
|
|
}:
|
|
{
|
|
options.my.users.nixremote = {
|
|
enable = lib.mkEnableOption "nixremote user for distributed builds";
|
|
authorizedKeys = lib.mkOption {
|
|
type = lib.types.listOf lib.types.path;
|
|
default = inputs.self.lib.getSshKeys [
|
|
"nixworkstation"
|
|
"nixserver"
|
|
"nixminiserver"
|
|
];
|
|
description = "List of SSH public key files to authorize for nixremote user";
|
|
};
|
|
gid = lib.mkOption {
|
|
type = lib.types.int;
|
|
default = 555;
|
|
description = "Group ID for the nixremote group";
|
|
};
|
|
home = lib.mkOption {
|
|
type = lib.types.str;
|
|
default = "/var/nixremote/";
|
|
description = "Home directory for the nixremote user";
|
|
};
|
|
};
|
|
config = lib.mkIf config.my.users.nixremote.enable {
|
|
users = {
|
|
groups.nixremote.gid = config.my.users.nixremote.gid;
|
|
users.nixremote = {
|
|
inherit (config.my.users.nixremote) home;
|
|
uid = 979;
|
|
isSystemUser = true;
|
|
createHome = true;
|
|
group = "nixremote";
|
|
shell = pkgs.bashInteractive;
|
|
openssh.authorizedKeys.keyFiles = config.my.users.nixremote.authorizedKeys;
|
|
};
|
|
};
|
|
};
|
|
}
|