ops/nixos: add deployer user

This commit is contained in:
Luke Granger-Brown 2020-05-09 01:10:20 +01:00
parent bc50bdb7d2
commit 2508b6ed9a
2 changed files with 19 additions and 0 deletions

View file

@ -35,7 +35,25 @@ in
extraGroups = [ "wheel" ]; extraGroups = [ "wheel" ];
hashedPassword = secrets.passwordHashes.lukegb; hashedPassword = secrets.passwordHashes.lukegb;
}; };
deployer = {
isSystemUser = true;
uid = 1001;
hashedPassword = "NP";
openssh.authorizedKeys.keyFiles = [
../../secrets/deployer_ed25519.pub
];
}; };
};
security.sudo.extraRules = [{
users = [ "deployer" ];
commands = [{
command = "${rebuilder}/bin/rebuilder";
options = [ "NOPASSWD" ];
}];
}];
security.sudo.extraConfig = ''
Defaults:deployer !requiretty
'';
programs.mtr.enable = true; programs.mtr.enable = true;
services.openssh.enable = true; services.openssh.enable = true;

View file

@ -0,0 +1 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAz3ZptYA9SjCtZEQwF8/ACCO0W3Edh9asAmNGE2U4bQ lukegb@porcorosso