{ pkgs, ... }:

{
  users.users.deploy = {
    description = "deploys static websites from forgejo";
    shell = pkgs.nologin;
    packages = [
      pkgs.rsync
    ];
    openssh.authorizedKeys.keys = [
      "command='rsync --server --daemon . /srv/http/www/',restrict ssh-ed25519 AAAAB3NzaC1yc2EAAAADAQABAAABAQCy... git.berlin.ccc.de/cccb/www"
    ];
    #extraGroups = ["nginx"];
  };
}