25 lines
599 B
Nix
25 lines
599 B
Nix
|
{ pkgs, ... }:
|
||
|
|
||
|
{
|
||
|
users.groups.automation = { };
|
||
|
users.users.automation = {
|
||
|
isSystemUser = true;
|
||
|
createHome = false;
|
||
|
group = "automation";
|
||
|
shell = pkgs.automation-shell;
|
||
|
openssh.authorizedKeys.keys = [
|
||
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJk5vjODKwMUnvQAM1cvBhOhyErdeZcdPMYdIjf9dNEG hass@tank.c8h4.io"
|
||
|
];
|
||
|
};
|
||
|
|
||
|
security.sudo.extraRules = [{
|
||
|
users = [ "automation" ];
|
||
|
commands = [{
|
||
|
command = "/run/current-system/sw/bin/systemctl poweroff";
|
||
|
options = [ "NOPASSWD" ];
|
||
|
}];
|
||
|
}];
|
||
|
|
||
|
services.openssh.settings.AllowUsers = [ "automation" ];
|
||
|
}
|