diff --git a/hosts/ghaf-webserver/configuration.nix b/hosts/ghaf-webserver/configuration.nix index 733f3ffb..0490a73b 100644 --- a/hosts/ghaf-webserver/configuration.nix +++ b/hosts/ghaf-webserver/configuration.nix @@ -14,6 +14,7 @@ imports = [ ./disk-config.nix + ./gala_uploaders.nix (modulesPath + "/profiles/qemu-guest.nix") inputs.sops-nix.nixosModules.sops inputs.disko.nixosModules.disko diff --git a/hosts/ghaf-webserver/gala_uploaders.nix b/hosts/ghaf-webserver/gala_uploaders.nix new file mode 100644 index 00000000..163d0c5f --- /dev/null +++ b/hosts/ghaf-webserver/gala_uploaders.nix @@ -0,0 +1,48 @@ +# SPDX-FileCopyrightText: 2022-2024 TII (SSRC) and the Ghaf contributors +# SPDX-License-Identifier: Apache-2.0 +{ lib, ... }: +let + groupName = "gala"; + + # add new uploaders here + uploaders = [ + { + desc = "Mikko Koivisto"; + name = "mikko_koivisto"; + keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHx2xDbBcBFRCQ8vtA47UMT4zBasUWxK+1CYOQSrv2BL mikko_koivisto@Mikkos-MacBook-Pro.local" + ]; + } + { + desc = "Nikita Bazulin"; + name = "nikita.bazulin"; + keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL/8+QSIlYHTMS6SOTd59WudS76HtZmbnSTSO04icPw1 nikita.bazulin@unikie.com" + ]; + } + ]; +in +{ + users = { + groups."${groupName}" = { }; + + users = builtins.listToAttrs ( + map ( + { + desc, + name, + keys, + }: + lib.nameValuePair name { + inherit name; + + description = desc; + openssh.authorizedKeys.keys = keys; + + isNormalUser = true; + extraGroups = [ groupName ]; + } + ) uploaders + ); + }; +}