felix/nixos
1
0
Fork 0
mirror of https://github.com/Stunkymonkey/nixos.git synced 2025-10-31 17:52:10 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

service/remote-build: init

Browse source
This commit is contained in:
Felix Buehler 2024-03-17 12:11:50 +01:00
parent 72a34c777a
commit b37162bd3f
3 changed files with 27 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

24
modules/services/remote-build/default.nix Normal file
View file

@ -0,0 +1,24 @@
# manages remote builds
{ config, lib, pkgs, ... }:
let
cfg = config.my.services.remote-build;
in
{
options.my.services.remote-build = {
enable = lib.mkEnableOption "remote-build user";
};
config = lib.mkIf cfg.enable {
# Create user for distributed nix builds
users.groups.nixremote = { };
users.users.nixremote = {
isSystemUser = true;
group = "nixremote";
home = "/home/nixremote";
homeMode = "550"; # disable write
shell = pkgs.bashInteractive;
openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGYSzDdxqaNHmaaLqEvOK/vB65zvqoCebI3Nxzgg5smq root@thinkman" ];
};
nix.settings.trusted-users = [ "nixremote" ];
};
}