diff --git a/.envrc b/.envrc new file mode 100644 index 0000000..3550a30 --- /dev/null +++ b/.envrc @@ -0,0 +1 @@ +use flake diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..726d2d6 --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +result +.direnv diff --git a/flake.lock b/flake.lock index 42829cd..c2c7d85 100644 --- a/flake.lock +++ b/flake.lock @@ -72,9 +72,34 @@ "type": "github" } }, + "mara": { + "inputs": { + "naersk": "naersk", + "nixpkgs": [ + "nixpkgs" + ], + "utils": [ + "utils" + ] + }, + "locked": { + "lastModified": 1645303154, + "narHash": "sha256-BrFM/oLj55Q0KRTbfbZQZHXZd8KHQCQYL8xwg9ZRDMM=", + "ref": "main", + "rev": "4446edeb050ef24708d03711af998d8d6ac4d998", + "revCount": 13, + "type": "git", + "url": "https://tulpa.dev/Xe/mara.git" + }, + "original": { + "ref": "main", + "type": "git", + "url": "https://tulpa.dev/Xe/mara.git" + } + }, "naersk": { "inputs": { - "nixpkgs": "nixpkgs_5" + "nixpkgs": "nixpkgs_4" }, "locked": { "lastModified": 1639947939, @@ -95,6 +120,24 @@ "inputs": { "nixpkgs": "nixpkgs_6" }, + "locked": { + "lastModified": 1639947939, + "narHash": "sha256-pGsM8haJadVP80GFq4xhnSpNitYNQpaXk4cnA796Cso=", + "owner": "nix-community", + "repo": "naersk", + "rev": "2fc8ce9d3c025d59fee349c1f80be9785049d653", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "naersk", + "type": "github" + } + }, + "naersk_3": { + "inputs": { + "nixpkgs": "nixpkgs_8" + }, "locked": { "lastModified": 1639947939, "narHash": "sha256-pGsM8haJadVP80GFq4xhnSpNitYNQpaXk4cnA796Cso=", @@ -110,24 +153,6 @@ "type": "github" } }, - "naersk_3": { - "inputs": { - "nixpkgs": "nixpkgs_7" - }, - "locked": { - "lastModified": 1639947939, - "narHash": "sha256-pGsM8haJadVP80GFq4xhnSpNitYNQpaXk4cnA796Cso=", - "owner": "nix-community", - "repo": "naersk", - "rev": "2fc8ce9d3c025d59fee349c1f80be9785049d653", - "type": "github" - }, - "original": { - "owner": "nix-community", - "repo": "naersk", - "type": "github" - } - }, "nixpkgs": { "locked": { "lastModified": 1618628710, @@ -172,6 +197,20 @@ } }, "nixpkgs_4": { + "locked": { + "lastModified": 1645013224, + "narHash": "sha256-b7OEC8vwzJv3rsz9pwnTX2LQDkeOWz2DbKypkVvNHXc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "b66b39216b1fef2d8c33cc7a5c72d8da80b79970", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "type": "indirect" + } + }, + "nixpkgs_5": { "locked": { "lastModified": 1644525281, "narHash": "sha256-D3VuWLdnLmAXIkooWAtbTGSQI9Fc1lkvAr94wTxhnTU=", @@ -187,35 +226,7 @@ "type": "github" } }, - "nixpkgs_5": { - "locked": { - "lastModified": 1645013224, - "narHash": "sha256-b7OEC8vwzJv3rsz9pwnTX2LQDkeOWz2DbKypkVvNHXc=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "b66b39216b1fef2d8c33cc7a5c72d8da80b79970", - "type": "github" - }, - "original": { - "id": "nixpkgs", - "type": "indirect" - } - }, "nixpkgs_6": { - "locked": { - "lastModified": 1645013224, - "narHash": "sha256-b7OEC8vwzJv3rsz9pwnTX2LQDkeOWz2DbKypkVvNHXc=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "b66b39216b1fef2d8c33cc7a5c72d8da80b79970", - "type": "github" - }, - "original": { - "id": "nixpkgs", - "type": "indirect" - } - }, - "nixpkgs_7": { "locked": { "lastModified": 1640418986, "narHash": "sha256-a8GGtxn2iL3WAkY5H+4E0s3Q7XJt6bTOvos9qqxT5OQ=", @@ -229,7 +240,7 @@ "type": "indirect" } }, - "nixpkgs_8": { + "nixpkgs_7": { "locked": { "lastModified": 1640319671, "narHash": "sha256-ZkKmakwaOaLiZOpIZWbeJZwap5CzJ30s4UJTfydYIYc=", @@ -245,6 +256,46 @@ "type": "github" } }, + "nixpkgs_8": { + "locked": { + "lastModified": 1645013224, + "narHash": "sha256-b7OEC8vwzJv3rsz9pwnTX2LQDkeOWz2DbKypkVvNHXc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "b66b39216b1fef2d8c33cc7a5c72d8da80b79970", + "type": "github" + }, + "original": { + "id": "nixpkgs", + "type": "indirect" + } + }, + "printerfacts": { + "inputs": { + "flake-utils": [ + "utils" + ], + "naersk": "naersk_2", + "nixpkgs": [ + "nixpkgs" + ], + "xess": "xess" + }, + "locked": { + "lastModified": 1640545565, + "narHash": "sha256-Jc+o7Jt8/HnMIFLNKuM8xWmg9QuoL7Dm72ptImRDDgs=", + "ref": "main", + "rev": "5436c081ae442440a77738465ddd8833ca0177fd", + "revCount": 55, + "type": "git", + "url": "https://tulpa.dev/cadey/printerfacts.git" + }, + "original": { + "ref": "main", + "type": "git", + "url": "https://tulpa.dev/cadey/printerfacts.git" + } + }, "rhea": { "inputs": { "nixpkgs": [ @@ -252,11 +303,11 @@ ] }, "locked": { - "lastModified": 1645302427, - "narHash": "sha256-wOA74G1ffN5gvty/ooD41Ld3lgSv3KqWwvGEk2J2Oo4=", + "lastModified": 1645307532, + "narHash": "sha256-qTnnUL6/XPX5EN9Jc/yxOcPyDNJNtxMKu0sHHR4Uc6M=", "owner": "Xe", "repo": "rhea", - "rev": "efd4d012fb71dabaed4ef14a8f6e2f7f5bcd50d9", + "rev": "0bae7f6eab4f0896a3be6eb3307b82a62c26b1a7", "type": "github" }, "original": { @@ -270,12 +321,37 @@ "agenix": "agenix", "deploy-rs": "deploy-rs", "home-manager": "home-manager", - "nixpkgs": "nixpkgs_4", + "mara": "mara", + "nixpkgs": "nixpkgs_5", + "printerfacts": "printerfacts", "rhea": "rhea", - "utils": "utils_2", - "waifud": "waifud", - "xe-mara": "xe-mara", - "xe-printerfacts": "xe-printerfacts" + "snoo2nebby": "snoo2nebby", + "utils": "utils_3", + "waifud": "waifud" + } + }, + "snoo2nebby": { + "inputs": { + "nixpkgs": [ + "nixpkgs" + ], + "utils": [ + "utils" + ] + }, + "locked": { + "lastModified": 1645307663, + "narHash": "sha256-96cDS0TaDJf4eklu1RJ+CBWei0yRnVUGXh6AOf+mBRE=", + "ref": "main", + "rev": "e8aa792abd6de941ff473a49bc39134d042050e8", + "revCount": 6, + "type": "git", + "url": "https://tulpa.dev/cadey/snoo2nebby.git" + }, + "original": { + "ref": "main", + "type": "git", + "url": "https://tulpa.dev/cadey/snoo2nebby.git" } }, "utils": { @@ -294,21 +370,6 @@ } }, "utils_2": { - "locked": { - "lastModified": 1644229661, - "narHash": "sha256-1YdnJAsNy69bpcjuoKdOYQX0YxZBiCYZo4Twxerqv7k=", - "owner": "numtide", - "repo": "flake-utils", - "rev": "3cecb5b042f7f209c56ffd8371b2711a290ec797", - "type": "github" - }, - "original": { - "owner": "numtide", - "repo": "flake-utils", - "type": "github" - } - }, - "utils_3": { "locked": { "lastModified": 1638122382, "narHash": "sha256-sQzZzAbvKEqN9s0bzWuYmRaA03v40gaJ4+iL1LXjaeI=", @@ -323,9 +384,24 @@ "type": "github" } }, + "utils_3": { + "locked": { + "lastModified": 1644229661, + "narHash": "sha256-1YdnJAsNy69bpcjuoKdOYQX0YxZBiCYZo4Twxerqv7k=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "3cecb5b042f7f209c56ffd8371b2711a290ec797", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, "waifud": { "inputs": { - "naersk": "naersk", + "naersk": "naersk_3", "nixpkgs": [ "nixpkgs" ], @@ -347,61 +423,10 @@ "type": "github" } }, - "xe-mara": { - "inputs": { - "naersk": "naersk_2", - "nixpkgs": [ - "nixpkgs" - ], - "utils": [ - "utils" - ] - }, - "locked": { - "lastModified": 1645303154, - "narHash": "sha256-BrFM/oLj55Q0KRTbfbZQZHXZd8KHQCQYL8xwg9ZRDMM=", - "ref": "main", - "rev": "4446edeb050ef24708d03711af998d8d6ac4d998", - "revCount": 13, - "type": "git", - "url": "https://tulpa.dev/Xe/mara.git" - }, - "original": { - "ref": "main", - "type": "git", - "url": "https://tulpa.dev/Xe/mara.git" - } - }, - "xe-printerfacts": { - "inputs": { - "flake-utils": [ - "utils" - ], - "naersk": "naersk_3", - "nixpkgs": [ - "nixpkgs" - ], - "xess": "xess" - }, - "locked": { - "lastModified": 1640545565, - "narHash": "sha256-Jc+o7Jt8/HnMIFLNKuM8xWmg9QuoL7Dm72ptImRDDgs=", - "ref": "main", - "rev": "5436c081ae442440a77738465ddd8833ca0177fd", - "revCount": 55, - "type": "git", - "url": "https://tulpa.dev/cadey/printerfacts.git" - }, - "original": { - "ref": "main", - "type": "git", - "url": "https://tulpa.dev/cadey/printerfacts.git" - } - }, "xess": { "inputs": { - "nixpkgs": "nixpkgs_8", - "utils": "utils_3" + "nixpkgs": "nixpkgs_7", + "utils": "utils_2" }, "locked": { "lastModified": 1640540322, diff --git a/flake.nix b/flake.nix index 1d4bab6..a1beaa3 100644 --- a/flake.nix +++ b/flake.nix @@ -9,16 +9,21 @@ utils.url = "github:numtide/flake-utils"; # my apps - xe-printerfacts = { + printerfacts = { url = "git+https://tulpa.dev/cadey/printerfacts.git?ref=main"; inputs.nixpkgs.follows = "nixpkgs"; inputs.flake-utils.follows = "utils"; }; - xe-mara = { + mara = { url = "git+https://tulpa.dev/Xe/mara.git?ref=main"; inputs.nixpkgs.follows = "nixpkgs"; inputs.utils.follows = "utils"; }; + snoo2nebby = { + url = "git+https://tulpa.dev/cadey/snoo2nebby.git?ref=main"; + inputs.nixpkgs.follows = "nixpkgs"; + inputs.utils.follows = "utils"; + }; rhea = { url = "github:Xe/rhea"; inputs.nixpkgs.follows = "nixpkgs"; @@ -30,8 +35,8 @@ }; }; - outputs = { self, nixpkgs, deploy-rs, home-manager, agenix, xe-printerfacts - , xe-mara, rhea, waifud, ... }: + outputs = { self, nixpkgs, deploy-rs, home-manager, agenix, printerfacts, mara + , snoo2nebby, rhea, waifud, ... }: let pkgs = nixpkgs.legacyPackages."x86_64-linux"; mkSystem = extraModules: @@ -40,6 +45,7 @@ modules = [ agenix.nixosModules.age home-manager.nixosModules.home-manager + ({ config, ... }: { system.configurationRevision = self.sourceInfo.rev; services.getty.greetingLine = @@ -50,9 +56,11 @@ }) ./common - xe-printerfacts.nixosModules."${system}".printerfacts - xe-mara.nixosModules."${system}".bot - rhea.nixosModule."${system}" + printerfacts.nixosModules.${system}.printerfacts + mara.nixosModules.${system}.bot + snoo2nebby.nixosModule.${system} + rhea.nixosModule.${system} + ] ++ extraModules; }; in { @@ -64,6 +72,7 @@ }; nixosConfigurations = { + # avalon chrysalis = mkSystem [ ./hosts/chrysalis ./hardware/location/YOW ]; logos = mkSystem [ ./hosts/logos @@ -72,6 +81,9 @@ waifud.nixosModules.x86_64-linux.waifud-runner ]; + # cloud + firgu = mkSystem [ ./hosts/firgu ]; + # vms ## logos hugo = mkSystem [ ./hosts/vm/hugo ./hardware/libvirt-generic ]; diff --git a/hosts/firgu/default.nix b/hosts/firgu/default.nix new file mode 100644 index 0000000..be23e47 --- /dev/null +++ b/hosts/firgu/default.nix @@ -0,0 +1,43 @@ +{ config, lib, pkgs, ... }: + +let metadata = pkgs.callPackage ../../ops/metadata/peers.nix { }; +in { + imports = [ + ../../common + ./hardware-configuration.nix + ./matrix.nix + ./shellbox.nix + ]; + + services.openssh.enable = true; + + networking.useDHCP = false; + networking.interfaces.ens3.useDHCP = true; + networking.hostName = "firgu"; + networking.firewall.enable = false; + + i18n.defaultLocale = "en_US.UTF-8"; + services.tailscale.enable = true; + + boot.loader.grub.enable = true; + boot.loader.grub.version = 2; + boot.loader.grub.device = "/dev/vda"; # or "nodev" for efi only + + environment.systemPackages = with pkgs; [ + wget + vim + python3 + lua5_3 + git + ]; + + system.stateVersion = "20.09"; # Did you read the comment? + + within.services.snoo2nebby.enable = true; + within.users.enableSystem = true; + + boot.kernel.sysctl = { + "net.ipv4.forward" = 1; + "net.ipv6.conf.all.forwarding" = 1; + }; +} diff --git a/hosts/firgu/hardware-configuration.nix b/hosts/firgu/hardware-configuration.nix new file mode 100644 index 0000000..2b3cbab --- /dev/null +++ b/hosts/firgu/hardware-configuration.nix @@ -0,0 +1,25 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = + [ (modulesPath + "/profiles/qemu-guest.nix") + ]; + + boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "sr_mod" "virtio_blk" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/ef445130-579d-40e1-bfcc-26ab84d0e981"; + fsType = "ext4"; + }; + + swapDevices = + [ { device = "/dev/disk/by-uuid/c4a4e1da-6828-4f19-8e0b-d9e376b3e3e6"; } + ]; + +} diff --git a/hosts/firgu/matrix.nix b/hosts/firgu/matrix.nix new file mode 100644 index 0000000..7e49f08 --- /dev/null +++ b/hosts/firgu/matrix.nix @@ -0,0 +1,99 @@ +{ pkgs, ... }: + +let extraLegoFlags = [ "--dns.resolvers=8.8.8.8:53" ]; +in { + services.matrix-synapse = { + enable = true; + server_name = "within.website"; + + enable_metrics = true; + url_preview_enabled = true; + + max_upload_size = "100M"; + + enable_registration = true; + + listeners = [ + { + bind_address = "127.0.0.1"; + port = 8448; + type = "http"; + tls = false; + x_forwarded = true; + resources = [{ + compress = false; + names = [ "client" "federation" ]; + }]; + } + { + bind_address = "100.77.196.9"; + port = 8448; + type = "http"; + tls = false; + resources = [{ + compress = false; + names = [ "client" "federation" ]; + }]; + } + { + bind_address = "100.77.196.9"; + port = 9000; + type = "metrics"; + tls = false; + resources = [ ]; + } + ]; + + extraConfig = '' + registration_requires_token: true + ''; + }; + + services.nginx.virtualHosts = { + "matrix.within.website" = { + forceSSL = true; + useACMEHost = "within.website"; + + locations = { + "/".extraConfig = '' + return 404; + ''; + + "/_matrix" = { proxyPass = "http://127.0.0.1:8448"; }; + }; + }; + + "element.within.website" = { + forceSSL = true; + useACMEHost = "within.website"; + + root = pkgs.element-web.override { + conf = { + default_server_config."m.homeserver" = { + "base_url" = "https://matrix.within.website"; + "server_name" = "within.website"; + }; + showLabsSettings = true; + }; + }; + }; + }; + + services.postgresql.enable = true; + services.postgresql.initialScript = pkgs.writeText "synapse-init.sql" '' + CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'synapse'; + CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse" + TEMPLATE template0 + LC_COLLATE = "C" + LC_CTYPE = "C"; + ''; + + security.acme.certs."within.website" = { + group = "users"; + email = "me@christine.website"; + dnsProvider = "cloudflare"; + credentialsFile = "/srv/within/cf.env"; + extraDomainNames = [ "matrix.within.website" "element.within.website" ]; + inherit extraLegoFlags; + }; +} diff --git a/hosts/firgu/shellbox.nix b/hosts/firgu/shellbox.nix new file mode 100644 index 0000000..73369ec --- /dev/null +++ b/hosts/firgu/shellbox.nix @@ -0,0 +1,145 @@ +{ config, lib, pkgs, ... }: + +let + mkUser = {shell, keys, ...}: { + isNormalUser = true; + extraGroups = [ "ponydev" ]; + createHome = true; + inherit shell; + openssh.authorizedKeys.keys = keys; + }; + +in { + users.groups.ponydev = { gid = 1337; }; + + documentation.man.generateCaches = false; + + security.pam.loginLimits = [ + { + domain = "@ponydev"; + type = "soft"; + item = "nofile"; + value = "2048"; + } + { + domain = "@ponydev"; + type = "hard"; + item = "nice"; + value = "2"; + } + { + domain = "@ponydev"; + type = "hard"; + item = "nproc"; + value = "420"; + } + ]; + + programs.fish.enable = true; + programs.zsh.enable = true; + + users.motd = '' + _____.__ + _/ ____\__|______ ____ __ __ + \ __\| \_ __ \/ ___\| | \ + | | | || | \/ /_/ > | / + |__| |__||__| \___ /|____/ + /_____/ + + firgu(noun/adj): Benificial, nice, an aid to + + Welcome to the ponydev pubnix! Things are still being set up. + + Check us out on gemini at gemini://sh.pony.dev/! + + To make your own gemini content, make a folder in your home + directory named `public_gemini`, add an index.gmi and then + get going! See section 5 of here[1] for information on the + syntax of gemtext. If you've used markdown before the only + real difference is in how you make links. + + For a beautiful gemini client on your desktop, check out + lagrange[2]! + + [1]: https://gemini.circumlunar.space/docs/specification.html + [2]: https://gmi.skyjake.fi/lagrange/ + + If you need help contact Cadey. + ''; + + within.services.rhea = { + enable = true; + sites = [ + rec { + domain = "sh.pony.dev"; + certPath = "/var/lib/acme/${domain}/cert.pem"; + keyPath = "/var/lib/acme/${domain}/key.pem"; + files = { + root = "/srv/gemini/${domain}"; + autoIndex = true; + userPaths = true; + }; + } + ]; + }; + + security.acme.acceptTerms = true; + security.acme.email = "me+firgu@christine.website"; + + systemd.services.nginx.serviceConfig.ProtectHome = "read-only"; + services.nginx = { + enable = true; + group = "users"; + recommendedTlsSettings = true; + recommendedOptimisation = true; + recommendedGzipSettings = true; + recommendedProxySettings = true; + virtualHosts = { + "sh.pony.dev" = { + forceSSL = true; + enableACME = true; + locations."/" = { root = "/srv/http/sh.pony.dev"; }; + extraConfig = '' + location ~ ^/~(.+?)(/.*)?$ { + alias /home/$1/public_html$2; + index index.html index.htm; + autoindex on; + } + ''; + }; + }; + }; + + users.users = { + # TODO(Xe): add user information here, make sure to add them to + # @ponydevs + + ansis = mkUser { + shell = pkgs.bashInteractive; + keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDTEe/IOfB8ZOGRPH2rEs04rgFCP+WS62v6hTUtRQc/HrztCHECJ/oDEaIv+3rOFJE2DehdV4uYhBjDVYzU8Fq46LG2HHBULWexb826qbUfmkmI81O1P4avppTQUTDT3H9z74CNUvO+xJ8LIOmDuBJntxzShYY622x7c80tZo9SpPDJW4S5uKxNT/DGWwxhlYxCsqpi7DERROEeuq5yxN/bEQesvDx9zjxBvODFLgGl4RBxL2oGHEYPIZud4n8v67zVBwicY0pSESJqV/DffEtCSANOZtXZM8xd73oif1mET39QXD2PaootBceStDN9dDmK1ETDG8UEIlww31FcYQO9 ansis@canterlot" + ]; + }; + + bytewave = mkUser { + shell = pkgs.zsh; + keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDWR1CzI5q+vCmKUj8faYqFae2RYhbLhyrIaEIwzapMURrTyPd2uWbV4bY+hbkIOOZcumtcUUs35LkQzP9NcBA5lzn1zTmDExqofRO6fn7PTORFH8FUQGuJ0nQPANEBiOTGToiqfdDCStHMwkB8b7xUavFP0mh3997UYfRIBNzUFryfJBJbB9RH1HrcYBUS1mC0pN8a6XaMzI3jVNiqS6tGch8syZo3kxp13h93R4rbDPJajSu+3k1YmhOv0GF5utGNcndJ55WAdisySuP/uE3gqsOJ8yOLwavvk0Ftx7ziMWT+TW3Uv7LAfk2w1/QH3BNI5xCWJ8Q8K85UDbQmgMfFqTtVzzArKDJN/Np5TrIc/KhRzU1ShUyIZdtiWZlf3hLD8h9HxYU/4lwxyRF6gQ3Y7tx+2ocGFtfnkmy0jWXPcnJI2M2cgeavvHzryJ9bVhhPLll2WWd2BU1vSOARz9dmr4yRjX4QIedI80u7Siahr9b5TP4nnYe511g1ZY5LJnGevNVYL7SZ/TqsK95m+r25uIxLfF0o/npqasHCoH/nJnhs52WD2jfhfHjyxKpvUzA6iwW4pwyFDHpedgRqFN1SSa81BZBOybB7bQc3rRX8/AaWCz3antcztctVEynIcoIhkBdYFGDXo8HI3xvqgTEcrFNIh2GKS07+H1PDHXR5Dw== openpgp:0xE69E4814" + ]; + }; + + cloudhop = mkUser { + shell = pkgs.bashInteractive; + keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC1XRspEClARKnN06gEdb88Wh8XAz5nJqcQORV8UC++dEXOT+xSc7fp9WuVg02n++OtUQMnaRdZFXxhrF64zb4q8/HW9ycWlablt6Pl/E3kTIdXr+X3N/FMJoPSjAOqjgPrhGnw5Tkk72c1ZQKxyVRnyVysBFj/07sWgVYVgxAHtCP6AiKu9CLrdomz642GGuMsyL+GK/cWaabAdJLtFK/w6nh8CfljyhTEvGhkYDt2fW5dtnH8RhQ7opFHhG/NixbxlNrYSXpoKma7W2XzE5jDWEyMKDjXk51e0os+IWtjC8godJgy3cSp0Y9MkCRe1hu6uhtWQiFJLr/qOMHC5NJf mcclu@ERIKDESKTOP" + ]; + }; + + openskies = mkUser { + shell = pkgs.bashInteractive; + keys = [ + "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCza57+Kj+VdonMr4J/x6vbd14hcVOKlexInh/WXeEw6uhytX0Iu8gv5IKe6Ncn5oOrGbGuRAdx1D7IuVqV2nGxGrMwkc1Lu4+srZf0HiK0KyHf8g60OTew+JeaPA4zoesq4k71xg8YfLDUI9voctfTASuwHjSdiF6rMGjxj9a9ErWd/tDD9vpqeYss3dGNR28N7I5YeMfuWsAcUniUK4v97uHzP26ArODoHsBn3/JlHm4P7qeo+KwxC4mqbklX0vTEokOMSt7Wc1qJv7SVs37QtFp7smh0cn1lC0jWREpdEaoG2LZpM8fdc3kJEDXfz+K6qcxHTXnVqBbgNG5cGR1b aiverson@nixos" + ]; + }; + }; +}