nki/nix-home
1
0
Fork 0
Code Issues Pull requests 1 Packages Projects Releases Wiki Activity

Use ip addresses instead of hosts

Browse source
This commit is contained in:
Natsu Kagami 2024-08-19 16:01:37 +02:00
parent 28d891f4e2
commit e9977076f5
Signed by: nki
GPG key ID: 55A032EB38B49ADB
1 changed files with 7 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
modules/services/nix-build-farm/default.nix
View file

@ -24,6 +24,12 @@ in
type = types.path;
description = "The path to the private SSH key file";
};
ipAddrs = mkOption {
type = types.str;
description = "The ip addresses to limit access to";
default = "11.0.0.*";
};
};
config = mkIf cfg.enable (
@ -47,7 +53,7 @@ in
description = "Nix build farm user";
group = build-user;
isNormalUser = true;
openssh.authorizedKeys.keys = lib.mapAttrsToList (_: host: ''from="${host.host}" ${host.pubKey}'') otherHosts;
openssh.authorizedKeys.keys = lib.mapAttrsToList (_: host: ''from="${cfg.ipAddrs}" ${host.pubKey}'') otherHosts;
};
groups.${build-user} = { };
};