forked from DGNum/infrastructure
feat(modules/dgn-access-control): support Liminix systems
Liminix are not totally aligned with their implementation of users. Signed-off-by: Ryan Lahfa <ryan@dgnum.eu>
This commit is contained in:
parent
a2a6bf8d1c
commit
d9a6d38d5e
1 changed files with 15 additions and 11 deletions
|
@ -47,6 +47,7 @@ let
|
|||
mkIf
|
||||
mkMerge
|
||||
mkOption
|
||||
optionalAttrs
|
||||
|
||||
types
|
||||
;
|
||||
|
@ -84,18 +85,21 @@ in
|
|||
{
|
||||
# Admins have root access to the node
|
||||
dgn-access-control.users.root = mkDefault admins;
|
||||
|
||||
users.users = builtins.mapAttrs (_: members: {
|
||||
}
|
||||
(optionalAttrs (nodeMeta.nixpkgs.system == "nixos") {
|
||||
users.mutableUsers = false;
|
||||
users.users = builtins.mapAttrs (
|
||||
username: members:
|
||||
{
|
||||
openssh.authorizedKeys.keys = dgn-keys.getKeys members;
|
||||
}
|
||||
// optionalAttrs (username == "root") { inherit (nodeMeta) hashedPassword; }
|
||||
) cfg.users;
|
||||
})
|
||||
(optionalAttrs (nodeMeta.nixpkgs.system == "zyxel-nwa50ax") {
|
||||
users = builtins.mapAttrs (_: members: {
|
||||
openssh.authorizedKeys.keys = dgn-keys.getKeys members;
|
||||
}) cfg.users;
|
||||
}
|
||||
{
|
||||
users = {
|
||||
mutableUsers = false;
|
||||
users.root = {
|
||||
inherit (nodeMeta) hashedPassword;
|
||||
};
|
||||
};
|
||||
}
|
||||
})
|
||||
]);
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue