diff --git a/modules/nixos/dgn-access-control.nix b/modules/nixos/dgn-access-control.nix index 9e6db4a..8ecb67b 100644 --- a/modules/nixos/dgn-access-control.nix +++ b/modules/nixos/dgn-access-control.nix @@ -47,6 +47,7 @@ let mkIf mkMerge mkOption + optionalAttrs types ; @@ -84,18 +85,21 @@ in { # Admins have root access to the node dgn-access-control.users.root = mkDefault admins; - - users.users = builtins.mapAttrs (_: members: { + } + (optionalAttrs (nodeMeta.nixpkgs.system == "nixos") { + users.mutableUsers = false; + users.users = builtins.mapAttrs ( + username: members: + { + openssh.authorizedKeys.keys = dgn-keys.getKeys members; + } + // optionalAttrs (username == "root") { inherit (nodeMeta) hashedPassword; } + ) cfg.users; + }) + (optionalAttrs (nodeMeta.nixpkgs.system == "zyxel-nwa50ax") { + users = builtins.mapAttrs (_: members: { openssh.authorizedKeys.keys = dgn-keys.getKeys members; }) cfg.users; - } - { - users = { - mutableUsers = false; - users.root = { - inherit (nodeMeta) hashedPassword; - }; - }; - } + }) ]); }