31 lines
746 B
Nix
31 lines
746 B
Nix
{ config, lib, ... }:
|
|
let
|
|
cfg = config.kropcloud.admin;
|
|
in
|
|
{
|
|
options.kropcloud.admin = {
|
|
user = lib.mkOption {
|
|
type = lib.types.str;
|
|
default = "krop";
|
|
description = "Name of the admin user to be created.";
|
|
};
|
|
sshKeys = lib.mkOption {
|
|
type = lib.types.listOf lib.types.str;
|
|
default = [ ];
|
|
description = "List of SSH public keys to authorize for the admin user.";
|
|
};
|
|
};
|
|
|
|
config = {
|
|
|
|
age.secrets.mypassword.file = ../../secrets/mypassword.age;
|
|
|
|
# Define the admin user
|
|
users.users.${cfg.user} = {
|
|
passwordFile = config.age.secrets.mypassword.path;
|
|
isNormalUser = true;
|
|
extraGroups = [ "wheel" ];
|
|
openssh.authorizedKeys.keys = cfg.sshKeys;
|
|
};
|
|
};
|
|
}
|