making a reduced permissions user for automation

author: Devin Finlinson <devin.finlinson@pm.me> 2024-02-14 08:34:00 -0700
committer: Devin Finlinson <devin.finlinson@pm.me> 2024-02-14 08:34:00 -0700
commit: f7593d6fc923692a8ba500f3fbe05d64fe9ffa58 (patch)
tree: 3d8d2bc7248b345098511ec4173bc87045328c96 /modules/users/git.nix
parent: 152fcf721aa4227489a66b5c501f7c363d4168f2 (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/modules/users/git.nix b/modules/users/git.nix
new file mode 100644
index 0000000..494f4b5
--- /dev/null
+++ b/modules/users/git.nix
@@ -0,0 +1,16 @@
+{ pkgs, ... }: {
+	users = {
+		mutableUsers = false;
+		users.git = {
+			isNormaluser = false;
+			description = "user for git and building automation";
+			extraGroups = [ "builders" ];
+
+			openssh.authorizedKeys.keys = [
+        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHslJRD5+7rytlVDzeZh6B/4XW8QWQ5dsWWDBbOXKTrJ defin@zenbook"
+			];
+		};
+	};
+
+	services.openssh = { settings.PasswordAuthenitcation = false; };
+}
author	Devin Finlinson <devin.finlinson@pm.me>	2024-02-14 08:34:00 -0700
committer	Devin Finlinson <devin.finlinson@pm.me>	2024-02-14 08:34:00 -0700
commit	f7593d6fc923692a8ba500f3fbe05d64fe9ffa58 (patch)
tree	3d8d2bc7248b345098511ec4173bc87045328c96 /modules/users/git.nix
parent	152fcf721aa4227489a66b5c501f7c363d4168f2 (diff)