modules/remote-builder.nix at main · yemou.pink/nix-configs

yemou.pink / nix-configs

Nix configurations for my homelab

nix-configs / modules / remote-builder.nix

at main 677 B view raw

 1{
 2  config,
 3  lib,
 4  pkgs,
 5  ...
 6}:
 7{
 8  imports = [ ./openssh.nix ];
 9
10  users = {
11    groups.nixremote = { };
12    users.nixremote = {
13      createHome = true;
14      group = "nixremote";
15      home = "/home/nixremote";
16      homeMode = "550";
17      isSystemUser = true;
18      shell = pkgs.bashInteractive;
19      openssh.authorizedKeys.keys = [
20        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFuJaCiwaXH6O7WDSmDsj1jRBzw+CJkRi1lBcdn7sON1 nixremote"
21      ];
22    };
23  };
24
25  nix.settings.trusted-users = [ "nixremote" ];
26
27  services.openssh.settings.AllowUsers = [
28    (lib.mkIf (config.networking.hostName != "lily") "nixremote@${config.garden.info.network.lily.netbird-ip}")
29  ];
30}