lib/users: add option c3d2.allUsersCanSshRoot

2021-09-06 21:02:06 +02:00 · 2021-09-06 21:02:06 +02:00 · dacb4ca655
parent 033c81399d
commit dacb4ca655
1 changed files with 17 additions and 1 deletions
--- a/lib/users/default.nix
+++ b/lib/users/default.nix
@ -24,5 +24,21 @@ in {
    };
  in listToAttrs (map f userNames);

-  config = lib.mkMerge (map import' userNames);
+  options.c3d2.allUsersCanSshRoot = lib.mkOption {
+    type = lib.types.bool;
+    default = true;
+    description = ''
+      Let all people in `lib/users/` login as root for deployment via SSH.
+    '';
+  };
+
+  config = lib.mkMerge ([ {
+    users.users.root = lib.mkIf config.c3d2.allUsersCanSshRoot {
+      openssh = lib.mkMerge (map (name:
+        let
+          userConf = (import' name).content.users.users.${name};
+        in lib.optionalAttrs (userConf ? openssh) userConf.openssh
+      ) userNames);
+    };
+  } ] ++ map import' userNames);
 }