From dacd8abcb7765c318eed67abed2e0bf687a4977e Mon Sep 17 00:00:00 2001 From: Kalle Struik Date: Fri, 22 Nov 2024 16:03:21 +0100 Subject: [PATCH] Add remote maintenance user --- authorized_keys | 1 + systems/base.nix | 6 ++++++ 2 files changed, 7 insertions(+) create mode 100644 authorized_keys diff --git a/authorized_keys b/authorized_keys new file mode 100644 index 0000000..73aa3cb --- /dev/null +++ b/authorized_keys @@ -0,0 +1 @@ +ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILZKBTf7HdsZDJDwblnROAaGZDIWi/jWNwGjrih8UPuY kalle@kalle-laptop diff --git a/systems/base.nix b/systems/base.nix index b8b20ad..0b42375 100644 --- a/systems/base.nix +++ b/systems/base.nix @@ -33,6 +33,12 @@ "flakes" ]; + # Set up user for remote admin + users.users."maintenance" = { + extraGroups = [ "wheel" ]; + openssh.authorizedKeys.keyFiles = [ ../authorized_keys ]; + }; + # Enable mDNS for `hostname.local` addresses services.avahi.enable = true; services.avahi.nssmdns = true;