Christoph Heiss
bc67437947
All checks were successful
flake / build (push) Successful in 3m13s
Signed-off-by: Christoph Heiss <christoph@c8h4.io>
25 lines
555 B
Nix
25 lines
555 B
Nix
{ pkgs, ... }:
|
|
|
|
{
|
|
users.groups.deploy.gid = 2000;
|
|
users.users.deploy = {
|
|
isNormalUser = true;
|
|
uid = 2000;
|
|
createHome = false;
|
|
group = "deploy";
|
|
shell = pkgs.deploy-sink;
|
|
home = "/var/empty";
|
|
openssh.authorizedKeys.keys = [
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN7gT2cQZkFZ13lBfoJx19dkEwrYu1eVfYUmyU0wZQMH deploy@c8h4.io"
|
|
];
|
|
};
|
|
|
|
services.openssh.settings.AllowUsers = [ "deploy" ];
|
|
|
|
systemd.tmpfiles.settings."70-var-www"."/var/www".d = {
|
|
user = "deploy";
|
|
group = "deploy";
|
|
mode = "0755";
|
|
};
|
|
}
|