Omni/Users.nix


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61

{
  config,
  lib,
  ...
}: let
  readKeys = k:
    lib.trivial.pipe k [
      builtins.readFile
      (lib.strings.splitString "\n")
      (lib.filter (s: s != ""))
    ];
in {
  users.groups = {
    # group for publishing web data
    "www-data" = {};
  };
  users.motd = ''

    welcome to the simatime network!
    your host is '${config.networking.hostName}'

  '';
  users.mutableUsers = false;
  users.users = {
    # bots
    #
    deploy = {
      isNormalUser = true;
      home = "/home/deploy";
      openssh.authorizedKeys.keys = readKeys ./Keys/Deploy.pub;
      extraGroups = ["wheel"];
    };
    #
    # humans
    #
    root.openssh.authorizedKeys.keys = readKeys ./Keys/Ben.pub;

    ben = {
      description = "Ben Sima";
      isNormalUser = true;
      home = "/home/ben";
      openssh.authorizedKeys.keys = readKeys ./Keys/Ben.pub;
      extraGroups = ["wheel" "docker" "bitcoind-mainnet" "git"];
      hashedPassword = "$6$SGhdoRB6DhWe$elW8RQE1ebe8JKf1ALW8jGZTPCyn2rpq/0J8MV/A9y8qFMEhA.Z2eiexMgptohZAK5kcGOc6HIUgNzJqnDUvY.";
    };
    dre = {
      description = "Andres Ulloa";
      isNormalUser = true;
      home = "/home/dre";
      openssh.authorizedKeys.keys = readKeys ./Keys/Dre.pub;
      extraGroups = ["wheel" "git"];
    };
    nick = {
      description = "Nick Sima";
      isNormalUser = true;
      home = "/home/nick";
      openssh.authorizedKeys.keys = readKeys ./Keys/Nick.pub;
      extraGroups = ["docker" "git"];
    };
  };
}