2021-10-16 15:28:30 +03:00
|
|
|
{
|
|
|
|
security.sudo.extraRules = [
|
2022-03-13 00:16:38 +02:00
|
|
|
{
|
2021-10-16 15:28:30 +03:00
|
|
|
users = [ "deploy" ];
|
|
|
|
commands = [
|
|
|
|
"NOPASSWD: /nix/store/*-activate-rs/activate-rs"
|
|
|
|
"NOPASSWD: /run/current-system/sw/bin/rm /tmp/deploy-rs-canary-*"
|
|
|
|
];
|
|
|
|
runAs = "root";
|
2022-03-13 00:16:38 +02:00
|
|
|
}
|
2021-10-16 15:28:30 +03:00
|
|
|
];
|
2022-12-17 21:32:06 +02:00
|
|
|
nix.settings.trusted-users = [ "deploy" ];
|
2021-10-16 15:28:30 +03:00
|
|
|
users.users.deploy = {
|
|
|
|
isNormalUser = true;
|
|
|
|
uid = 1999;
|
|
|
|
openssh.authorizedKeys.keys = [
|
|
|
|
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMmdWfmAs/0rno8zJlhBFMY2SumnHbTNdZUXJqxgd9ON max@jericho"
|
|
|
|
];
|
|
|
|
};
|
|
|
|
}
|