libre chat
This commit is contained in:
RingOfStorms (Joshua Bell)
parent
9fe2e27126
commit
3ba125799b
5 changed files with 323 additions and 18 deletions
48
onboard.nix
Normal file
48
onboard.nix
Normal file
|
|
@ -0,0 +1,48 @@
|
|||
{ pkgs, ... }:
|
||||
{
|
||||
networking.hostName = "%%HOSTNAME%%";
|
||||
networking.networkmanager.enable = true;
|
||||
|
||||
services.openssh.enable = true;
|
||||
networking.firewall.allowedTCPPorts = [ 22 ];
|
||||
|
||||
nix.settings.experimental-features = [ "nix-command" "flakes" ];
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
vim
|
||||
curl
|
||||
git
|
||||
sudo
|
||||
];
|
||||
|
||||
users.users.%%USERNAME%% = {
|
||||
initialPassword = "password1";
|
||||
isNormalUser = true;
|
||||
extraGroups = [ "wheel" "networkmanager" "video" "input" ];
|
||||
};
|
||||
|
||||
# Ensure SSH key pair generation for non-root users
|
||||
systemd.services.generate_ssh_key = {
|
||||
description = "Generate SSH key pair for %%USERNAME%%";
|
||||
wantedBy = [ "multi-user.target" ];
|
||||
serviceConfig = {
|
||||
User = "%%USERNAME%%";
|
||||
Type = "oneshot";
|
||||
};
|
||||
script = ''
|
||||
#!/run/current-system/sw/bin/bash
|
||||
if [ ! -f /home/%%USERNAME%%/.ssh/id_ed25519 ]; then
|
||||
if [ -v DRY_RUN ]; then
|
||||
echo "DRY_RUN is set. Would generate SSH key for %%USERNAME%%."
|
||||
else
|
||||
echo "Generating SSH key for %%USERNAME%%."
|
||||
mkdir -p /home/%%USERNAME%%/.ssh
|
||||
chmod 700 /home/%%USERNAME%%/.ssh
|
||||
/run/current-system/sw/bin/ssh-keygen -t ed25519 -f /home/%%USERNAME%%/.ssh/id_ed25519 -N ""
|
||||
fi
|
||||
else
|
||||
echo "SSH key already exists for %%USERNAME%%."
|
||||
fi
|
||||
'';
|
||||
};
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue