23 lines
847 B
Nix
23 lines
847 B
Nix
{ pkgs, ... }:
|
|
|
|
{
|
|
users = {
|
|
users.deploy = {
|
|
description = "deploys static websites from forgejo";
|
|
shell = "/run/current-system/sw/bin/nologin";
|
|
isSystemUser = true;
|
|
group = "deploy";
|
|
packages = [
|
|
pkgs.rsync
|
|
];
|
|
openssh.authorizedKeys.keys = [
|
|
"command='rsync --server --daemon . /srv/http/',restrict ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEUVX7gs6mqubYsJhi65gvWq4rvA2CtZJFneVRKQHIBs root@www.berlin.ccc.de"
|
|
"command='rsync --server --daemon . /srv/http/www/',restrict ssh-ed25519 AAAAB3NzaC1yc2EAAAADAQABAAABAQCy... git.berlin.ccc.de/cccb/www"
|
|
"command='rsync --server --daemon . /srv/http/www-staging/',restrict ssh-ed25519 AAAAB3NzaC1yc2EAAAADAQABAAABAQCy... git.berlin.ccc.de/cccb/www"
|
|
];
|
|
#extraGroups = ["nginx"];
|
|
};
|
|
groups.deploy = {};
|
|
};
|
|
}
|
|
|