From 94e235add808c8b342a49555791f9f8c71ca79ff Mon Sep 17 00:00:00 2001 From: Sean Buckley Date: Tue, 9 Nov 2021 12:20:34 -0500 Subject: [PATCH] move user accounts to separate file --- modules/baseline.nix | 15 +-------------- modules/sean.nix | 21 +++++++++++++++++++++ 2 files changed, 22 insertions(+), 14 deletions(-) create mode 100644 modules/sean.nix diff --git a/modules/baseline.nix b/modules/baseline.nix index e850bcf..2a2c24c 100644 --- a/modules/baseline.nix +++ b/modules/baseline.nix @@ -21,10 +21,7 @@ (x: (pkgs.writeShellScriptBin "sc-${x}" "nixos-rebuild ${x} --refresh --flake github:buckley310/nixos-config")) [ "switch" "build" "boot" ]; - systemd.tmpfiles.rules = [ - "e /nix/var/log - - - 30d" - "e /home/sean/Downloads - - - 9d" - ]; + systemd.tmpfiles.rules = [ "e /nix/var/log - - - 30d" ]; zramSwap.enable = true; @@ -61,14 +58,4 @@ publish.addresses = true; }; }; - - users.users.sean = { - isNormalUser = true; - extraGroups = [ "wheel" "audio" "video" "networkmanager" "dialout" "input" "wireshark" ]; - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIqWHzIXaF88Y8+64gBlLbZ5ZZcLl08kTHG1clHd7gaq desktop" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJlMPWSVyDNAvXYtpXCI/geCeUEMbL9Nthm9B0zg1sIy sean@hp" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDuuBHq3x28cdQ0JWAZ0R+2rVlRoPnA+MOvpdF5rraGp sean@lenny" - ]; - }; } diff --git a/modules/sean.nix b/modules/sean.nix new file mode 100644 index 0000000..d528788 --- /dev/null +++ b/modules/sean.nix @@ -0,0 +1,21 @@ +{ config, lib, pkgs, ... }: +let + keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIqWHzIXaF88Y8+64gBlLbZ5ZZcLl08kTHG1clHd7gaq desktop" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJlMPWSVyDNAvXYtpXCI/geCeUEMbL9Nthm9B0zg1sIy sean@hp" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDuuBHq3x28cdQ0JWAZ0R+2rVlRoPnA+MOvpdF5rraGp sean@lenny" + ]; +in +{ + users.users.root.openssh.authorizedKeys = + if config.sconfig.profile == "server" + then { inherit keys; } else { }; + + users.users.sean = { + isNormalUser = true; + extraGroups = [ "wheel" "audio" "video" "networkmanager" "dialout" "input" "wireshark" ]; + openssh.authorizedKeys = { inherit keys; }; + }; + + systemd.tmpfiles.rules = [ "e /home/sean/Downloads - - - 9d" ]; +}