From 7b1325a2324a36b4d8999723a1247e061a48dc2d Mon Sep 17 00:00:00 2001 From: Johannes Kirschbauer Date: Mon, 26 Aug 2024 18:33:47 +0200 Subject: [PATCH] ClanModules: add admin module --- clanModules/admin/README.md | 4 ++++ clanModules/admin/default.nix | 17 +++++++++++++++++ clanModules/admin/roles/default.nix | 1 + clanModules/flake-module.nix | 1 + 4 files changed, 23 insertions(+) create mode 100644 clanModules/admin/README.md create mode 100644 clanModules/admin/default.nix create mode 100644 clanModules/admin/roles/default.nix diff --git a/clanModules/admin/README.md b/clanModules/admin/README.md new file mode 100644 index 000000000..e9cfbb04f --- /dev/null +++ b/clanModules/admin/README.md @@ -0,0 +1,4 @@ +--- +description = "Convenient Administration for the Clan App" +categories = ["administration"] +--- diff --git a/clanModules/admin/default.nix b/clanModules/admin/default.nix new file mode 100644 index 000000000..cfe59e11c --- /dev/null +++ b/clanModules/admin/default.nix @@ -0,0 +1,17 @@ +{ lib, config, ... }: +{ + options.clan.admin = { + allowedKeys = lib.mkOption { + default = [ ]; + type = lib.types.listOf lib.types.str; + description = "The allowed public keys for ssh access to the admin user"; + }; + }; + imports = [ + ../sshd + ../root-password + ]; + config = { + users.users.root.openssh.authorizedKeys.keys = config.clan.admin.allowedKeys; + }; +} diff --git a/clanModules/admin/roles/default.nix b/clanModules/admin/roles/default.nix new file mode 100644 index 000000000..ffcd4415b --- /dev/null +++ b/clanModules/admin/roles/default.nix @@ -0,0 +1 @@ +{ } diff --git a/clanModules/flake-module.nix b/clanModules/flake-module.nix index d0f950eda..60fc9eeec 100644 --- a/clanModules/flake-module.nix +++ b/clanModules/flake-module.nix @@ -1,6 +1,7 @@ { ... }: { flake.clanModules = { + admin = ./admin; borgbackup = ./borgbackup; borgbackup-static = ./borgbackup-static; deltachat = ./deltachat;