32 lines
780 B
Nix
32 lines
780 B
Nix
{ lib, config, ... }:
|
|
{
|
|
|
|
options.clan.admin = {
|
|
allowedKeys = lib.mkOption {
|
|
default = { };
|
|
type = lib.types.attrsOf lib.types.str;
|
|
description = "The allowed public keys for ssh access to the admin user";
|
|
example = {
|
|
"key_1" = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD...";
|
|
};
|
|
};
|
|
};
|
|
# Bad practice.
|
|
# Should we add 'clanModules' to specialArgs?
|
|
imports = [
|
|
../../sshd
|
|
../../root-password
|
|
];
|
|
config = {
|
|
|
|
warnings = [
|
|
''
|
|
The admin module has been migrated from `clan.services` to `clan.instances`
|
|
See https://docs.clan.lol/manual/distributed-services for usage.
|
|
''
|
|
];
|
|
|
|
users.users.root.openssh.authorizedKeys.keys = builtins.attrValues config.clan.admin.allowedKeys;
|
|
};
|
|
}
|