25 lines
555 B
Nix
25 lines
555 B
Nix
{ pkgs, ... }:
|
|
|
|
{
|
|
users.groups.deploy.gid = 2000;
|
|
users.users.deploy = {
|
|
isNormalUser = true;
|
|
uid = 2000;
|
|
createHome = false;
|
|
group = "deploy";
|
|
shell = pkgs.deploy-sink;
|
|
home = "/var/empty";
|
|
openssh.authorizedKeys.keys = [
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDBf2khUKpvOYvMEUbh+ETNh9J3p51VSjUFIRERH7zQz deploy@c8h4.io"
|
|
];
|
|
};
|
|
|
|
services.openssh.settings.AllowUsers = [ "deploy" ];
|
|
|
|
systemd.tmpfiles.settings."70-var-www"."/var/www".d = {
|
|
user = "deploy";
|
|
group = "deploy";
|
|
mode = "0755";
|
|
};
|
|
}
|