nixos-config/users/builder/default.nix
2022-08-18 16:37:26 +02:00

25 lines
634 B
Nix

{ pkgs, config, lib, ... }:
with lib;
let
cfg = config.eboskma.users.builder;
authorizedKeys = builtins.map (key: (builtins.readFile (./keys/${key})))
(builtins.attrNames (builtins.readDir ./keys));
in
{
options.eboskma.users.builder = { enable = mkEnableOption "builder"; };
config = mkIf (cfg.enable) {
users.users.builder = {
isSystemUser = true;
group = "builder";
useDefaultShell = true;
home = "/var/lib/builder";
createHome = true;
openssh.authorizedKeys.keys = authorizedKeys;
};
users.groups.builder = { };
nix.settings.trusted-users = [ "builder" ];
};
}