tdpeuter/bos55-nix-config-cicd
1
Fork 0
forked from Bos55/nix-config
Code Pull requests 1 Releases Packages Activity Actions
bos55-nix-config-cicd/users/admin/default.nix
Tibo De Peuter ccfa328771
Some checks failed
Build / build (Development) (push) Has been cancelled
Details
Build / Determining hosts to build (push) Failing after 13m25s
Details
Build / build (Testing) (push) Has been cancelled
Details
refactor(security): migrate hardcoded credentials and SSH keys to sops-nix
2026-03-17 21:45:56 +01:00

41 lines
982 B
Nix
Raw Blame History

{ config, lib, pkgs, ... }:
let
cfg = config.homelab.users.admin;
in {
options.homelab.users.admin = {
enable = lib.mkEnableOption "user System Administrator";
authorizedKeys = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [
# HomeLab > NixOS > admin > ssh
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGWIOOEqTy8cWKpENVbzD4p7bsQgQb/Dgpzk8i0dZ00T"
];
};
};
config = lib.mkIf cfg.enable {
nix.settings.trusted-users = [
config.users.users.gh0st.name
];
users.users.gh0st = {
description = "System Administrator";
isNormalUser = true;
extraGroups = [
config.users.groups.wheel.name # Enable 'sudo' for the user.
];
initialPassword = "ChangeMe";
openssh.authorizedKeys.keyFiles = [
config.sops.secrets.user_keys_admin.path
];
packages = with pkgs; [
curl
git
tmux
vim
wget
];
};
};
}
View git blame Copy permalink