mkDeploy

2025-08-11 14:23:54 +02:00 · 2025-08-11 14:23:54 +02:00 · 764d5dd68c
commit 764d5dd68c
parent a2c4f7385b
9 changed files with 4996 additions and 18 deletions
--- a/lib/users/default.nix
+++ b/lib/users/default.nix
@ -34,6 +34,7 @@ with lib; rec {
    sops.secrets."users/${username}" = mkIf enable {
      neededForUsers = true;
    };
+    users.users.root.openssh.authorizedKeys.keys = mkIf enable trustedSshKeys;
    systemd.tmpfiles.rules = optionals (impermanence.enable) ["d ${persist}/home/${username} 0700 ${username} users -"]; # /persist/home/<user> created, owned by that user

    nix.settings.trusted-users = optionals admin [