blob: 6634ab837c84ea6319f2a648bfc2385c287d1863 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
|
{config, pkgs, lib, ... }: {
# Define a user account. Don't forget to set a password with ‘passwd’.
users = {
mutableUsers = false;
users.defin = {
isNormalUser = true;
description = "Devin Finlinson";
extraGroups = [ "wheel" "builders" "video" "input" "docker" "dialout" "wireshark" "networkmanager" "libvirtd" "adbusers" ]; # (wheel) Enable ‘sudo’ for the user.
shell = pkgs.nushell;
hashedPassword = "$y$j9T$YtRkFL3JLAB/zfyr89aFp.$of1IUt84c2i26l6GQWHO2qX0dNiPDZgVGpaNPVyAs24";
openssh.authorizedKeys.keys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCmzvB5AfjjioiGywizWdBVsarvOSw4YGhgxhk8w34rZA4DghCXme8ILbkk4x4k+VTC6dPVKkvjPY1nn+qx1BtySSSj30Oez7iIqmMH2DvsQMa4zBPe6W4CUo76HrkqR4+rghto8fYZFCo6JhScUr48TvpGIEqsWRQxIGXvFpAazmu1OlsycWatruYwJby5wg2ZIEL9Ci0OHdwGfU1OTexY1Bl03s5Qr6dodvdwSc0ft6Qtv/ijy7iC3ySB2NhirUfDOtS8ysV3yhyxlcXgdI1vksZ6GIoB7TsfdcnpCMcOPSGvQLnAY4+5IDQElkC2igSBSiuUbqDbzNSRw+ctHsoqKAyjAob51XphVJh7CcgBkFufSTJLsOBhyyZSrEBlNB7AHJrFQSnoYYlFjILx4gfcqBxDMOSFL1CiarOq3oZ+udaX06uhIjVXzZhkggqxrCRRwOtPd6eKbuK+2oa0h93QtKQQhrwXCpbVRBe5V3u3i4I7xFFMpYJ3Kcteiua1qxKhF9RNP4zJPDzYyxfiDOWEbMxnyEwFENvVgkdPIaFSEtjvzmdEfWRJ9RBlS5H/7hr48Q1berhT8dMoB55xNiQhD2GTqWX81kzjSHzeeakXTzwmgJUhfbMP7E3ndSaeY0MW6U8MYF0f1ZfaL0jFMWo1G8bv2ptayMpykHdTWSXfpQ== defin@gpg"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKm9srflwzQ4CECjDj8Il1aRcnt2rFc4w6mSSMOYds3F defin@allseries"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEQqjxtw6iZbw5boN5rz+wH9A+0OyEP3YJoEgwdkF/Bp defin@khad"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBxVpBnkWiukuHNt81K2gRNVjOdz9lFiaw0fhZ4CcB3R gitlab"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQD44/CafgJ4GbSwx1ZUQUTnHEi7SKltggN4k9I6ghiSUv8znYdzxa5nDZIF38DkNPG4YqBY2LX+i5XVfvc68P8hgiwCFISEa5orQhTusRAPxyrI8QC75Ez7so/WnRMCckIj/7JprLzo/v3NBieC1OoXiFUxoUhHwVll2siBhHYItzF6IkytKb0G5ZK3V0B6fetw3TY9pMEE1Tcr4VapFDj9neVJxYh1rKR8zjU24uSOWtW/+d4cZIfzVj2ZUS92IO/lwjtzeZwzr3TEkejSaQYZR/WF1oFUs2ZO4bwBn7cvgqHhXbkIKkLjDU8EdwdaOOyWJyZje5Hw96BSQSHuu214l4/lna1iQJpMzr5qESQ7hJqlUupkEiKbCmL0rjJobE84loENq41TBi8292Ve1jV8DWgQVo90rJ/SCcAJvIWQTYDkdEz2y+5NwhwS2T8Ew9h6vs2iN+pcL9PJxFaYcbiHnBj49Gh4J6ARyZtPMvCeI4n7CuJ8K2qjQV36Tt81krs= defin@doretta"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBrDUymBW+rosSI68sxDKLMfH7cOPPLG5K+CuA6aYcsp defin@bosco"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGDatxD3mSPG8/72Ka0uuGpGHrwh6N718ZCLCOkOLwmM defin@doretta"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHXrt3+N4+ahtXZCUn11evQsVGsGgAohGwafC29/a4fk defin@Radahn"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICkGcmYIYCe6GHsZZvnXqsedF0wn+AhGSr+RPJtUO/kl defin@khad"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEaMYXO9ghATyUPzyE7aD/XVVmK9UAexueoGEYAqPT4L defin@kebab"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOpuV1zp/wtG840C9aJC0BJqSbfpAoncRGbHX/HvhEYU defin@picast"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAB4QbGvZ0YX5Clw02R1ffDfdWl1xL4dLUdcgIxHeHm0 defin@betsy"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDUIumSjqtj2fhYJvrFOgJGgQ2oEJBbG9ARzunKDX9mH defin@fairphone5"
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBCCNKc3MpAm0FkMy9KG2U+Qq5nk/WN/qvVbxUZzEjsFzELEJ/iDF8YQ6K8gyBDe85QQk/AhKBLdzd5ZZPdM5GP8= defin@fairphone5"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB5CATqAUsBWLTIaqtdAS/EO3L/04NwKEmnv7D68vO+a defin@biski"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILuW75N5K0/83bOgsB/yymgIHoQgaaAJjW9MMDG9s/2p defin@picast2"
# keys for remote build
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPLx3RgUgbE7THS7hRZypyudEKffj0ppwQfQuxIpPf8H root@zenbook"
];
};
};
# nix.settings.trusted-users = [ "@builders" ];
security.pam = {
sshAgentAuth.enable = true;
# services.sudo.sshAgentAuth = true;
};
# I can't think of a better spot to put this rn.
services.openssh = {
ports = [ 22 2200 ]; # needed because isp blocks ssh over 22
settings.PasswordAuthentication = false;
};
}
|
