From d9a6d38d5e64be1bf4c6d832f3840781988b425e Mon Sep 17 00:00:00 2001 From: Ryan Lahfa Date: Sat, 7 Dec 2024 16:19:59 +0100 Subject: [PATCH] feat(modules/dgn-access-control): support Liminix systems Liminix are not totally aligned with their implementation of users. Signed-off-by: Ryan Lahfa --- modules/nixos/dgn-access-control.nix | 26 +++++++++++++++----------- 1 file changed, 15 insertions(+), 11 deletions(-) diff --git a/modules/nixos/dgn-access-control.nix b/modules/nixos/dgn-access-control.nix index 9e6db4a..8ecb67b 100644 --- a/modules/nixos/dgn-access-control.nix +++ b/modules/nixos/dgn-access-control.nix @@ -47,6 +47,7 @@ let mkIf mkMerge mkOption + optionalAttrs types ; @@ -84,18 +85,21 @@ in { # Admins have root access to the node dgn-access-control.users.root = mkDefault admins; - - users.users = builtins.mapAttrs (_: members: { + } + (optionalAttrs (nodeMeta.nixpkgs.system == "nixos") { + users.mutableUsers = false; + users.users = builtins.mapAttrs ( + username: members: + { + openssh.authorizedKeys.keys = dgn-keys.getKeys members; + } + // optionalAttrs (username == "root") { inherit (nodeMeta) hashedPassword; } + ) cfg.users; + }) + (optionalAttrs (nodeMeta.nixpkgs.system == "zyxel-nwa50ax") { + users = builtins.mapAttrs (_: members: { openssh.authorizedKeys.keys = dgn-keys.getKeys members; }) cfg.users; - } - { - users = { - mutableUsers = false; - users.root = { - inherit (nodeMeta) hashedPassword; - }; - }; - } + }) ]); }