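# NixOS module: enables doas and grants one per-host administrator a
# passwordless rule. The administrator is chosen by comparing this machine's
# networking.hostName with the device names declared in flake.config.machines.
{ flake, config, ... }:
let
  inherit (flake.config.people)
    user0
    user1
    user2
    ;
  inherit (flake.config.machines)
    devices
    ;

  hostname = config.networking.hostName;

  mars = devices.mars.name;
  ceres = devices.ceres.name;
  # NOTE(review): every other device reads `.name`; `.names` here looks like a
  # typo. Confirm against flake.config.machines. If the attribute is missing,
  # evaluation fails on any host that reaches this comparison; if it is not a
  # string, the comparison is always false and user2 never receives the rule.
  venus = devices.venus.names;
  charon = devices.charon.name;

  # Account that receives the doas rule on this host, or null when the host is
  # not one of the known machines.
  admin =
    if hostname == mars then
      user0
    else if hostname == ceres then
      user0
    else if hostname == charon then
      user1
    else if hostname == venus then
      user2
    else
      null;
in
{
  security = {
    doas = {
      enable = true;
      # Unknown hosts get no rule at all. The previous fallback put an empty
      # string into `users`, which produced a privilege rule with a blank
      # identity field instead of simply granting nothing.
      extraRules =
        if admin == null then
          [ ]
        else
          [
            {
              # NOTE(review): noPass + keepEnv gives every process running as
              # `admin` root without authentication, with the caller's
              # environment carried across. If that is broader than intended,
              # `persist = true` (authenticate once per session) and an
              # explicit `setEnv` allow-list are the narrower options.
              keepEnv = true;
              noPass = true;
              users = [ admin ];
            }
          ];
    };
    # sudo is left at its default here (the line below is commented out), so
    # unless it is disabled elsewhere both sudo and doas remain available as
    # escalation paths and both need to be reviewed.
    # sudo.enable = false;
  };
}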