Update SSH configuration system

Kevin Kandlbinder 2023-01-04 15:12:41 +01:00
parent ee9830b87f
commit b02db50513
2 changed files with 40 additions and 7 deletions


@ -84,7 +84,7 @@ in {
description = "Kevin Kandlbinder";
extraGroups = [ "wheel" "docker" "dialout" "networkmanager" ];
};
kevin.ssh.authorized.kevin = true;
kevin.ssh.authorized.kevin.users = ["kevin" "root"];
})
(mkIf (cfg.defaults == "desktop") {
services.xserver.videoDrivers = [ "nvidia" ];
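Review bot: Listing `"root"` in `kevin.ssh.authorized.kevin.users` turns every key in the `kevin` key file into a direct root login credential, where the old boolean only authorized the `kevin` account. That account is already in `wheel`, so it can presumably escalate locally, and a direct root login over SSH mainly removes the per-user audit trail. I would keep the list to `kevin.ssh.authorized.kevin.users = [ "kevin" ];`. If root access by key is really needed, add a comment saying why and confirm that sshd's `PermitRootLogin` is set to `prohibit-password` rather than `yes`. The enclosing `mkIf` block starts above this hunk, so which hosts this applies to is not visible here.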


@ -2,20 +2,53 @@
with lib;
let
cfg = config.kevin.ssh;
authorizedOpts = {name, config, ...}: {
options = {
/*name = mkOption {
type = types.passwdEntry types.str;
description = "Name of the user. Must be the name of a directory in /etc/nixos/ssh";
};*/
users = mkOption {
type = with types; listOf types.str;
default = [];
example = [
"kevin"
"root"
];
description = "Accounts this SSH key should have access to";
};
};
};
in {
options.kevin.ssh = {
server.enable = mkEnableOption "kevins ssh";
authorized.kevin = mkEnableOption "set authorized for kevin";
authorized = mkOption {
default = {};
type = with types; attrsOf (submodule authorizedOpts);
example = {
kevin = {
users = [ "kevin" "root" ];
};
};
description = "Object containing users and the accounts they are authorized for.";
};
};
config = mkMerge [
(mkIf cfg.server.enable {
kevin.networking.ssh.enable = true;
})
(mkIf cfg.authorized.kevin {
users.users."kevin".openssh.authorizedKeys.keyFiles = [
/etc/nixos/ssh/kevin/authorized_keys
{
users.users = mkMerge (map (name: (
mkMerge (
map (user: {
"${user}".openssh.authorizedKeys.keyFiles = [
"/etc/nixos/ssh/${name}/authorized_keys"
];
})
}) cfg.authorized."${name}".users
)
)) (attrNames cfg.authorized));
}
];
}
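Review bot: The attribute name of each `authorized` entry is interpolated unchecked into `"/etc/nixos/ssh/${name}/authorized_keys"`, and the only place that coupling is documented is the commented-out `name` option. A name containing `/` or `..` would resolve outside /etc/nixos/ssh, and a misspelled name presumably only shows up as an evaluation error when the key file is read. I would delete the dead comment block and move its sentence into the option text, e.g. `description = "Key sets named after a directory in /etc/nixos/ssh; users lists the accounts that accept the keys in that directory's authorized_keys file.";`. An assertion over `attrNames cfg.authorized` such as `assertion = builtins.match "[A-Za-z0-9_-]+" name != null;` would reject path-like names at evaluation time. As a style point, `cfg.authorized."${name}".users` needs no quoting, and the nested `mkMerge`/`map` would read more easily as `mapAttrsToList` over `cfg.authorized` with `genAttrs` over each entry's `users`.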