diff options
author | Patryk Niedźwiedziński <patryk@niedzwiedzinski.cyou> | 2024-08-18 19:23:28 +0200 |
---|---|---|
committer | Patryk Niedźwiedziński <patryk@niedzwiedzinski.cyou> | 2024-08-18 19:23:28 +0200 |
commit | 5e8ed0ca7f5e8788553b656ddbb4aa1dccc2bc03 (patch) | |
tree | 598638d5247af652a836e972909f9318a718df91 /machines/srv3/configuration.nix | |
parent | 84adc681875042f0d22686e29dbd4359be5fde29 (diff) | |
download | dots-5e8ed0ca7f5e8788553b656ddbb4aa1dccc2bc03.tar.gz dots-5e8ed0ca7f5e8788553b656ddbb4aa1dccc2bc03.zip |
Add docker
Diffstat (limited to 'machines/srv3/configuration.nix')
-rw-r--r-- | machines/srv3/configuration.nix | 25 |
1 files changed, 22 insertions, 3 deletions
diff --git a/machines/srv3/configuration.nix b/machines/srv3/configuration.nix index f2ee31d..09ae394 100644 --- a/machines/srv3/configuration.nix +++ b/machines/srv3/configuration.nix @@ -65,8 +65,15 @@ in vim lm_sensors ]; - services.openssh.enable = true; - services.openssh.settings.PasswordAuthentication = false; + services.openssh = { + enable = true; + settings = { + PasswordAuthentication = false; + PermitRootLogin = "no"; + #AllowGroups = ["using-ssh"]; + AllowUsers = [ "pn-ssh" "pn@192.168.1.*" ]; + }; + }; services.sshguard = { enable = true; whitelist = [ @@ -185,12 +192,24 @@ in ]; }; + + virtualisation.docker.enable = true; + users = { + groups."using-ssh" = { name = "using-ssh"; }; users = { + pn-ssh = { + description = "patryk-zdalny"; + isNormalUser = true; + extraGroups = [ "pn" "git" "using-ssh"]; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIqlCe4ovKa/Gwl5xmgu9nvVPmFXMgwdeLRYW7Gg7RWx pniedzwiedzinski19@gmail.com" + ]; + }; pn = { description = "patryk"; isNormalUser = true; - extraGroups = [ "wheel" "git" ]; # Enable ‘sudo’ for the user. + extraGroups = [ "wheel" "git" "using-ssh" "docker" ]; # Enable ‘sudo’ for the user. openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIqlCe4ovKa/Gwl5xmgu9nvVPmFXMgwdeLRYW7Gg7RWx pniedzwiedzinski19@gmail.com" ]; |