tdpeuter/bos55-nix-config-cicd
1
Fork 0
forked from Bos55/nix-config
Code Pull requests 1 Releases Packages Activity Actions
bos55-nix-config-cicd/users/backup/default.nix
Tibo De Peuter 1c437333f3
Some checks failed
Build / Determining hosts to build (push) Failing after 12m41s
Details
Build / build (Development) (push) Has been cancelled
Details
Build / build (Testing) (push) Has been cancelled
Details
feat(security): implement metadata redaction and sops-nix migration 
Migrated authorized SSH keys and personal metadata (emails, tokens) to sops-nix to prevent infrastructure fingerprinting. Introduced centralized secrets module with placeholder fallbacks.
2026-03-17 19:41:31 +01:00

20 lines
466 B
Nix
Raw Permalink Blame History

{ config, lib, ... }:
let
cfg = config.homelab.users.backup;
in {
options.homelab.users.backup.enable = lib.mkEnableOption "user Backup";
config = lib.mkIf cfg.enable {
users.users.backup = {
description = "Backup User";
isNormalUser = true;
extraGroups = [
"docker" # Allow access to the docker socket.
];
openssh.authorizedKeys.keyFiles = [
config.sops.secrets.user_keys_backup.path
];
};
};
}
View git blame Copy permalink