95 lines
4.2 KiB
Nix
95 lines
4.2 KiB
Nix
{ ... }:
|
|
let
|
|
trustedFriendGroups = [
|
|
"production-hydra-db"
|
|
];
|
|
in
|
|
{
|
|
# deleted users: ninjatrappeur, flokli
|
|
users.users = {
|
|
linus = {
|
|
isNormalUser = true;
|
|
home = "/home/linus";
|
|
shell = "/run/current-system/sw/bin/zsh";
|
|
uid = 2001;
|
|
# Raito: I allowed linus to be root to get some stuff done
|
|
# on behalf of me.
|
|
extraGroups = [ "wheel" ] ++ trustedFriendGroups;
|
|
openssh.authorizedKeys.keyFiles = [ ./keys/linus.keys ];
|
|
};
|
|
niklas = {
|
|
isNormalUser = true;
|
|
home = "/home/niklas";
|
|
shell = "/run/current-system/sw/bin/zsh";
|
|
uid = 2002;
|
|
extraGroups = trustedFriendGroups;
|
|
openssh.authorizedKeys.keyFiles = [ ./keys/niklas.keys ];
|
|
};
|
|
# Raito: Permanent account for Jade who has been driving a lot of good work.
|
|
# expires = 2060 because of a convergence bug, I cannot remove the expiration date anymore.
|
|
jade = {
|
|
isNormalUser = true;
|
|
home = "/home/jade";
|
|
shell = "/run/current-system/sw/bin/zsh";
|
|
uid = 2004;
|
|
expires = "2060-05-01";
|
|
extraGroups = trustedFriendGroups;
|
|
openssh.authorizedKeys.keys = [
|
|
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDNldAg4t13/i69TD786The+U3wbiNUdW2Kc9KNWvEhgpf4y4x4Sft0oYfkPw5cjX4H3APqfD+b7ItAG0GCbwHw6KMYPoVMNK08zBMJUqt1XExbqGeFLqBaeqDsmEAYXJRbjMTAorpOCtgQdoCKK/DvZ51zUWXxT8UBNHSl19Ryv5Ry5VVdbAE35rqs57DQ9+ma6htXnsBEmmnC+1Zv1FE956m/OpBTId50mor7nS2FguAtPZnDPpTd5zl9kZmJEuWCrmy6iinw5V4Uy1mLeZkQv+/FtozbyifCRCvps9nHpv4mBSU5ABLgnRRvXs+D41Jx7xloNADr1nNgpsNrYaTh hed-bot-ssh-tpm-rsa"
|
|
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIKYljH8iPMrH00lOb3ETxRrZimdKzPPEdsJQ5D5ovtOwAAAACnNzaDpzc2hrZXk= ssh:sshkey"
|
|
"ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBO4idMfdJxDJuBNOid60d4I+qxj09RHt+YkCYV2eXt6tGrEXg+S8hTQusy/SqooiXUH9pt4tea2RuBPN9+UwrH0= type-a yubikey slot 9a"
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHGIBMfUypLctmorlRz9xIzXRgmtqDMxF5T5Fxy4JxNb root@tail-bot"
|
|
];
|
|
};
|
|
# Raito: Permanent account for winter, she was the one in charge of the Darwin build box for a while,
|
|
# helped a bunch of people and deserve it :-).
|
|
# expires = 2060 because of a convergence bug, I cannot remove the expiration date anymore.
|
|
winter = {
|
|
isNormalUser = true;
|
|
home = "/home/winter";
|
|
shell = "/run/current-system/sw/bin/zsh";
|
|
uid = 2005;
|
|
expires = "2060-05-01";
|
|
extraGroups = trustedFriendGroups;
|
|
openssh.authorizedKeys.keys = [
|
|
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIH/LDRUG+U+++UmlxvA2kspioTjktQZ8taDcHq8gVlkfAAAABHNzaDo="
|
|
];
|
|
};
|
|
# Raito: Permanent account for pennae, they are doing a bunch of excellent Nix work (including performance).
|
|
pennae = {
|
|
isNormalUser = true;
|
|
home = "/home/pennae";
|
|
shell = "/run/current-system/sw/bin/zsh";
|
|
uid = 2006;
|
|
# Raito: Allowed to debug jobserver.
|
|
extraGroups = [ "wheel" ] ++ trustedFriendGroups;
|
|
openssh.authorizedKeys.keys = [
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC5Wf5/IbyFpdziWfwxkQqxOf3r1L9pYn6xQBEKFwmMY"
|
|
"sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIK8icXjHkb4XzbIVN3djH4CE7RvgGd+3xbG4cgh0Yls5AAAABHNzaDo="
|
|
];
|
|
};
|
|
# Raito: Temporary account until next year, for delroth, who is going to work on building capabilities for improving build infrastructure.
|
|
delroth = {
|
|
isNormalUser = true;
|
|
home = "/home/delroth";
|
|
shell = "/run/current-system/sw/bin/zsh";
|
|
uid = 2007;
|
|
# Raito: Allowed to spawn new VMs and do various stuff for isolating the workloads.
|
|
extraGroups = [ "wheel" ];
|
|
openssh.authorizedKeys.keys = [
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAII3tjB4KYDok3KlWxdBp/yEmqhhmybd+w0VO4xUwLKKV"
|
|
];
|
|
};
|
|
# Raito: Temporary account for the next week, for VM testing in the context of the systemd-hardening project.
|
|
jmarquet = {
|
|
isNormalUser = true;
|
|
home = "/home/jmarquet";
|
|
uid = 2008;
|
|
expires = "2024-08-30";
|
|
openssh.authorizedKeys.keys = [
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFe4tx0+lNX2w7kG94c9u7U0wHuOc2A6zpHcbyAs+w/d thejohncrafter@system76-pc"
|
|
];
|
|
};
|
|
};
|
|
}
|