Cloonar/nixos
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
9d0b5079b19c6bd293933881e96346a8bce46ffe
nixos/fleet.nix
Dominik Polakovics 2c175a324b add web-01 host
2023-08-16 22:31:33 +02:00

45 lines
2.5 KiB
Nix
Raw Blame History

{
lib,
pkgs,
...
}: let
create_users = host: {
users.users."${host.username}" = {
createHome = false;
home = "/home/chroot/" + host.username;
isNormalUser = false;
isSystemUser = true;
group = "sftp_users";
openssh.authorizedKeys.keys = [host.key];
shell = null;
};
};
users = [
{
username = "git.cloonar.com";
key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCkydX9KuRLbLcqYFn/giWZc0vPCx77oh7/9X4oPJtUkWROw1uyZh91iNCxSzV1AZay6rRM8FEwy7PPeAJ7bjsJgHRranqbxHk27H4YXOojw5H9lBozkhcMq7Z6Lz6OMoHdVhZnE525btVLKHWeGtCuoO0pbN5/BsyXEavlGZEaTQbCTjr5sk+f6mG8GqwtuC5yyEY6fGpSs1i72CiwxavLim7nB4vNlbZdWIhmV6MhyAyY5mgt57xJps/mXqXj+/eRqtS7U8KPtJq3uxwsE4cWInToP7TX9GPce1qz4U6+blNwYjt5LTGQs4/kw0IHnJk6IMh+R5kp5L6d6kBeuj0HjMA/Jxei4tD4fsSaHN6gTMSnh2ZwRDwm8Vsk3UJKAWP2heyQAX+axfxHAK4nDGnoFsX/dQV1pUoCD1MdpVS8oyGhDH1ton8oHw7Hsij8AxLgpoEIGa3fKVXaRKQx+YOnpUwoFuHrKh9XH8I7HhrAR6kQWuxaWjFWBgooqlF/iBM= root@git";
}
{
username = "home-assistant.cloonar.com";
key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCnmAkeiyZo0KepL8LBUP91L2jEckc173JFa1x1WjOYwH+mXjaguZGO8yTIdxcq7GM8v/yK9v22MRkXUuPfoTOUKqQ8dlFLT2UJQPCdAG/I8vqS8b5lnhTrudklYLoF9X3TJ20bee/8ospRC5xGfUrDMPze4oSviatyMtKWkPLuj5pQGWl3WUj1lL2vwDvaZW+1CfJMnOADijDJAFtuqL0rXrN00KMif74DHH1hW1SvuW3hBpGkfhKUgtckhvdkv2n4le0yQJOB6lBGaHPB4Z/EQxydiwqcwml3RXjXMR8x+cupWybnJ8BB9BLEBDD5Qqrplr0bIExN22FyEwV1afoma1AqZg0HwJx4fise7Dvh6Dp9PSzx8RGwbTpGyZPwx/ZfaAgSOI5R69LrKGDWONcl4jrGykZWw4XbNJewujOMtDoxOoKYvqsCW2xv8sEGJlo0Q9QzdxgorOb3ND2QZ9OUwm+hMuwiOSECvhiMdqBo5t9qdjRuQTgr8qIBT607M6M= root@home-assistant";
}
{
username = "web-01.cloonar.com";
key = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCl7cvUGMmtpVfJ3PB4Rco7V8z83nivst77SgBn+Z3cHgcDJDu9l3L4Q6rv9b6thmEX+Xf0ri6UwDI8UuJro4F9qpCXsTkHres3f/pDZokgfO7bvU2l7ujq6NnAx0qJWdB6oku36x3t2wBnvkDijXLtGPeQbd6c33hECEwA7QszvoBbGi0yFiGsqR5W7o0kiju/LMzCkExeaspFV6DBtEW0qZVMYx+lBIK5Hi/g3vBjbhFdWGz8T2AITcAnGI9n6f+dg3dlMPEHXnF9KRod1EVDnYMxbEp49i98m65F1xAFwOo35WSg48LlV1PK1VusboE3pHgE2VEFmW1J+PVQZ+z0JAaRBv/wSVN0YzuCLfLtUr10K1W23YbT1UVm7FusKpT1KElZ9adfbk6SXVhXnru40VcwqgYfw7naQJzT8aDI9Tnci+z4xCCxrdUF/psDBPD5sfjMPbjdPbt6Jnx1H9ZodiC/sQUtbn6MMbenMSf/AmuUC9xzpXlqCtPmN1dSC+8= root@web-01";
}
];
in {
imports = builtins.map create_users users;
users.groups = {sftp_users = {};};
services.openssh.extraConfig = ''
Match Group sftp_users
X11Forwarding no
AllowTcpForwarding no
ChrootDirectory %h
ForceCommand internal-sftp
'';
}
Reference in New Issue View Git Blame Copy Permalink