alejandro-angulo/dotfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Enable sudo with ssh key
Some checks failed
Gitea Actions Demo / Explore-Gitea-Actions (push) Failing after 0s
Details

Browse source
This commit is contained in:
alejandro-angulo 2025-08-02 19:47:31 -07:00
parent 41b1477a6c
commit 22a3d8daca
Signed by: alejandro-angulo
GPG key ID: 75579581C74554B6
1 changed files with 23 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

34
modules/nixos/services/openssh/default.nix
View file

@ -24,19 +24,31 @@ in
default = [ default-key ];
description = "The public keys to authorize";
};
passwordlessSudo = lib.mkOption {
type = types.bool;
default = true;
description = "Enable passwordless sudo (use ssh key)";
};
};
config = mkIf cfg.enable {
services.openssh = {
enable = true;
settings = {
PasswordAuthentication = false;
PermitRootLogin = mkDefault (if format == "install-iso" then "yes" else "no");
config = mkIf cfg.enable lib.mkMerge [
{
services.openssh = {
enable = true;
settings = {
PasswordAuthentication = false;
PermitRootLogin = mkDefault (if format == "install-iso" then "yes" else "no");
};
};
};
aa.user.extraOptions = {
openssh.authorizedKeys.keys = cfg.authorizedKeys;
};
};
aa.user.extraOptions = {
openssh.authorizedKeys.keys = cfg.authorizedKeys;
};
}
(lib.mkIf cfg.passwordlessSudo {
security.pam.rssh.enable = true;
security.pam.services.sudo.rssh = true;
})
];
}