From 5559b1ac3f85301d1cade57c1a08069feeca8f7c Mon Sep 17 00:00:00 2001 From: Gregor Kleen Date: Sat, 2 Oct 2021 12:13:50 +0200 Subject: build-server: ... --- hosts/vidhar/default.nix | 2 +- system-profiles/build-server/default.nix | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/hosts/vidhar/default.nix b/hosts/vidhar/default.nix index 836a85fa..ae0a8168 100644 --- a/hosts/vidhar/default.nix +++ b/hosts/vidhar/default.nix @@ -123,7 +123,7 @@ ''; }; users.groups."ssh" = { - members = ["root" "nix-ssh-builder"]; + members = ["root"]; }; security.sudo.extraConfig = '' diff --git a/system-profiles/build-server/default.nix b/system-profiles/build-server/default.nix index d0bfaf10..9cb9e142 100644 --- a/system-profiles/build-server/default.nix +++ b/system-profiles/build-server/default.nix @@ -10,7 +10,9 @@ useDefaultShell = true; isSystemUser = true; group = "nix-ssh-builder"; + extraGroups = [ "ssh" ]; }; + nix.trustedUsers = [ "nix-ssh-builder" ]; services.openssh = { enable = true; -- cgit v1.2.3