41 lines
1.8 KiB
Nix
41 lines
1.8 KiB
Nix
{
|
|
lib,
|
|
pkgs,
|
|
...
|
|
}: let
|
|
create_users = host: {
|
|
users.users."${host.username}" = {
|
|
createHome = false;
|
|
home = "/home/chroot/" + host.username;
|
|
isNormalUser = false;
|
|
isSystemUser = true;
|
|
group = "sftp_users";
|
|
openssh.authorizedKeys.keys = [host.key];
|
|
shell = null;
|
|
};
|
|
};
|
|
|
|
users = [
|
|
{
|
|
username = "git.cloonar.com";
|
|
key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCkydX9KuRLbLcqYFn/giWZc0vPCx77oh7/9X4oPJtUkWROw1uyZh91iNCxSzV1AZay6rRM8FEwy7PPeAJ7bjsJgHRranqbxHk27H4YXOojw5H9lBozkhcMq7Z6Lz6OMoHdVhZnE525btVLKHWeGtCuoO0pbN5/BsyXEavlGZEaTQbCTjr5sk+f6mG8GqwtuC5yyEY6fGpSs1i72CiwxavLim7nB4vNlbZdWIhmV6MhyAyY5mgt57xJps/mXqXj+/eRqtS7U8KPtJq3uxwsE4cWInToP7TX9GPce1qz4U6+blNwYjt5LTGQs4/kw0IHnJk6IMh+R5kp5L6d6kBeuj0HjMA/Jxei4tD4fsSaHN6gTMSnh2ZwRDwm8Vsk3UJKAWP2heyQAX+axfxHAK4nDGnoFsX/dQV1pUoCD1MdpVS8oyGhDH1ton8oHw7Hsij8AxLgpoEIGa3fKVXaRKQx+YOnpUwoFuHrKh9XH8I7HhrAR6kQWuxaWjFWBgooqlF/iBM= root@git";
|
|
}
|
|
{
|
|
username = "home-assistant.cloonar.com";
|
|
key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCnmAkeiyZo0KepL8LBUP91L2jEckc173JFa1x1WjOYwH+mXjaguZGO8yTIdxcq7GM8v/yK9v22MRkXUuPfoTOUKqQ8dlFLT2UJQPCdAG/I8vqS8b5lnhTrudklYLoF9X3TJ20bee/8ospRC5xGfUrDMPze4oSviatyMtKWkPLuj5pQGWl3WUj1lL2vwDvaZW+1CfJMnOADijDJAFtuqL0rXrN00KMif74DHH1hW1SvuW3hBpGkfhKUgtckhvdkv2n4le0yQJOB6lBGaHPB4Z/EQxydiwqcwml3RXjXMR8x+cupWybnJ8BB9BLEBDD5Qqrplr0bIExN22FyEwV1afoma1AqZg0HwJx4fise7Dvh6Dp9PSzx8RGwbTpGyZPwx/ZfaAgSOI5R69LrKGDWONcl4jrGykZWw4XbNJewujOMtDoxOoKYvqsCW2xv8sEGJlo0Q9QzdxgorOb3ND2QZ9OUwm+hMuwiOSECvhiMdqBo5t9qdjRuQTgr8qIBT607M6M= root@home-assistant";
|
|
}
|
|
];
|
|
in {
|
|
imports = builtins.map create_users users;
|
|
|
|
users.groups = {sftp_users = {};};
|
|
|
|
services.openssh.extraConfig = ''
|
|
Match Group sftp_users
|
|
X11Forwarding no
|
|
AllowTcpForwarding no
|
|
ChrootDirectory %h
|
|
ForceCommand internal-sftp
|
|
'';
|
|
}
|