nixos-config/users/builder/default.nix

{ config, lib, ... }:
with lib;
let
  cfg = config.eboskma.users.builder;
  authorizedKeys = builtins.map (key: (builtins.readFile (./keys/${key}))) (
    builtins.attrNames (builtins.readDir ./keys)
  );
in
{
  options.eboskma.users.builder = {
    enable = mkEnableOption "builder";
  };

  config = mkIf cfg.enable {
    users.users.builder = {
      isSystemUser = true;
      group = "builder";
      useDefaultShell = true;
      home = "/var/lib/builder";
      createHome = true;
      openssh.authorizedKeys.keys = authorizedKeys;
    };

    users.groups.builder = { };

    nix.settings.trusted-users = [ "builder" ];
  };
}
Add pre-commit hooks and fix style issues 2022-11-19 20:00:54 +01:00			`{ config, lib, ... }:`
Set up loki as remote builder 2022-08-14 16:38:25 +02:00			`with lib;`
			`let`
			`cfg = config.eboskma.users.builder;`
Run nixfmt 2024-02-05 11:46:52 +01:00			`authorizedKeys = builtins.map (key: (builtins.readFile (./keys/${key}))) (`
			`builtins.attrNames (builtins.readDir ./keys)`
			`);`
Set up loki as remote builder 2022-08-14 16:38:25 +02:00			`in`
			`{`
Run nixfmt 2024-02-05 11:46:52 +01:00			`options.eboskma.users.builder = {`
			`enable = mkEnableOption "builder";`
			`};`
Set up loki as remote builder 2022-08-14 16:38:25 +02:00
Run `statix fix` 2022-10-05 11:32:13 +02:00			`config = mkIf cfg.enable {`
Set up loki as remote builder 2022-08-14 16:38:25 +02:00			`users.users.builder = {`
			`isSystemUser = true;`
			`group = "builder";`
			`useDefaultShell = true;`
			`home = "/var/lib/builder";`
			`createHome = true;`
			`openssh.authorizedKeys.keys = authorizedKeys;`
			`};`

Formatting 2022-08-18 16:37:26 +02:00			`users.groups.builder = { };`
Set up loki as remote builder 2022-08-14 16:38:25 +02:00
			`nix.settings.trusted-users = [ "builder" ];`
			`};`
			`}`