diff options
author | Nguyễn Gia Phong <cnx@loang.net> | 2024-01-12 02:49:13 +0900 |
---|---|---|
committer | Nguyễn Gia Phong <cnx@loang.net> | 2024-01-12 02:49:13 +0900 |
commit | c5c7efb19bf15cd7d191b2c917884bab0fad64e8 (patch) | |
tree | ff9965e918d027a1c3f3eebab674a5a8badc4ca6 /configuration.nix | |
parent | db927a71c6caafc7db742af88e28a52cecc47b97 (diff) | |
download | nixos-conf-c5c7efb19bf15cd7d191b2c917884bab0fad64e8.tar.gz |
Split user access control to separate module
Diffstat (limited to 'configuration.nix')
-rw-r--r-- | configuration.nix | 68 |
1 files changed, 1 insertions, 67 deletions
diff --git a/configuration.nix b/configuration.nix index 0972cad..3e6ad48 100644 --- a/configuration.nix +++ b/configuration.nix @@ -30,6 +30,7 @@ }; imports = [ + ./access.nix ./automation.nix ./dbms.nix ./dns.nix @@ -86,18 +87,6 @@ }; }; - security.sudo = { - enable = true; - wheelNeedsPassword = false; - }; - - services.openssh = { - enable = true; - openFirewall = true; - settings.PasswordAuthentication = false; - ports = [ 2211 ]; - }; - system.stateVersion = "22.05"; systemd.extraConfig = '' @@ -105,59 +94,4 @@ ''; time.timeZone = "UTC"; - - users.users = { - axl = { - isNormalUser = true; - openssh.authorizedKeys.keyFiles = [ "/etc/ssh/axl.pub" ]; - }; - - ckie = { - isNormalUser = true; - openssh.authorizedKeys.keyFiles = [ "/etc/ssh/ckie.pub" ]; - }; - - cnx = { - extraGroups = [ "wheel" ]; - isNormalUser = true; - openssh.authorizedKeys.keyFiles = [ "/etc/ssh/cnx.pub" ]; - packages = with pkgs; [ stow ]; - }; - - epoch = { - isNormalUser = true; - openssh.authorizedKeys.keyFiles = [ "/etc/ssh/epoch.pub" ]; - }; - - int2k = { - isNormalUser = true; - openssh.authorizedKeys.keyFiles = [ "/etc/ssh/int2k.pub" ]; - }; - - mingnho = { - isNormalUser = true; - openssh.authorizedKeys.keyFiles = [ "/etc/ssh/mingnho.pub" ]; - }; - - ooze = { - isNormalUser = true; - openssh.authorizedKeys.keyFiles = [ "/etc/ssh/ooze.pub" ]; - }; - - owocean = { - isNormalUser = true; - openssh.authorizedKeys.keyFiles = [ "/etc/ssh/owocean.pub" ]; - }; - - vnpower = { - isNormalUser = true; - openssh.authorizedKeys.keyFiles = [ "/etc/ssh/vnpower.pub" ]; - }; - - xarvos = { - extraGroups = [ "wheel" ]; - isNormalUser = true; - openssh.authorizedKeys.keyFiles = [ "/etc/ssh/xarvos.pub" ]; - }; - }; } |