diff --git a/base/activation-manuelle/users.nix b/base/activation-manuelle/users.nix deleted file mode 100644 index 21a3362..0000000 --- a/base/activation-manuelle/users.nix +++ /dev/null @@ -1,113 +0,0 @@ -{ config, lib, pkgs, ... }: - -let - inherit (lib) mkIf mkMerge mkThenElse; - cfg = config.r6d.config-generator; - computers = config.r6d.computers; - profiles = config.r6d.profiles; - - # Dubronetwork - cubeRoot = "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLAyeNdQnAHTx9FvPuLkm0SeUIfr3EynGGx1hyFrsBof8TOa8UeuWM2H+68QBOJHTCVfP4/WEfChJUNmzh3WWpk= root@cube"; - latitudeTaeradan = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC2LieKJece9Es05uSLE4fV0GlXCzdx6kpJMWUrxi/z99gT9FHgMj+SgbeUoX/bPvjIgjqAs9N2ANc9H/y9Tx63ocANNQiJ2Atx0bGoTfwzdseuuVT3plML7bYg8Fftm6Imz4Bqq6XzluaO1IRXUtXHzvKL0onqqXu9moNXShJGzDQ0Cc3rsBbic+7N5lSgK3B2EFWHrdEUnEUU/LvKabjXu1VMCuxC9PaaaOuQt78gZh1gTmzONvnHhkai76C4e5rNkhpcaJXOX29D+oXJ0GgfHysabwcmLoRyjJIJWryp+83FTyaSj8Fwbu94pivDA9DJx4yBZoFKf9SwcwDO2P8D taeradan@dockertest"; - phenomTaeradan = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAEAQDRhxC87/etkTOPW97PtLatQKZLOPUowDYjCi/V2YsqAdQ/UHzzrDekYGDNPdbH2vOo5A5nKgYj6a+EOvmyzM/DC1DrrpU0jJB0Y0e1zEFFXhSNw5c6IYQ7laOPNgu1tbc7RISfA0JgCsVaeSohyA5duNrP/AsrdyK0Q5sR0+NXyommcCu8/ku4ssV/eXjieriVggji5wJKkwD4uI+oXdoc0fscOKUZoZqj3WkjV4SyDxyKa7Bhe4DmJJTgUUL3h+kDvpz1QMddA4vqUfN6xZOZPls9DfDHwXGeKLW09JMUBqk2dyuJvhS7ohBFoZ/Z8k5TKy5r7HTEF6PuOWeJTJ+qq8rF2E98vgsd7vFC1TYLl7w0gPEc18SMgq5/WvQoj2cbfp5HIAE+Rvso73uj+3QY3hUV3KHsFo8x2+u0SK47af243YosZhQstOj1j0NNwCLbsMgJ0w06Z+484KSBjslXa1fKsJX2ECq5BbrKdwVIWvKG065jBerVRtH33HHqPKtxN/ANFE5cIwgafmS+DUPdDtUIV53joT2ObrTYAFgpbe7Ga/i13CzByIvuwkSXk1bZ05ZkQS3syO+hR6nKZwZ2DWBZRT3D9Se17wzY7jtRCW4PmdkdIc1TX1ZFYnNtwk2Zd0hymhhtP9fKWfjeIM454id8OgvqTs8+ryuXbYx9WoqGxiH/OcB3ZTc3VCk4eCuEKl6JsoA4o4OWm+Os3wxXrpXi/0byP/EjpDHfwFJ1qpP2UP2fn8Wdrxs/yZKKU1X0YQMB2NofFSJBg3FCwW5BQhO8Dl3Qp10JPDhqFF9EWgZoHaWJ57JOAem3JvWbLVNUFcYW6nVMpRp8t4vDqA+a4z4zzbZ/rDALNXTw9o6AABhRMVcOLZbUOtGKXG4vmwMaF+numM7aBnS92gMT7RgpBbjwtv3gJyShK8srk5zvtrXM5LdknsL/mGxdjnTw6I8FumEXuVyHVPP1FgnvnjlqQrdRd1qYxW+Y92FhxMLiF/RlaNqsUp8adTgWj0ug0C5w8druERvIEeQTHT2GPZS2f0oDVPpvFI54TcdB+Ji5VBETIIMCa++kjoNbf+hFDjewnFcanKU0opG7WVw5VWIMp4r6y064lZ6yG3THIJssEIGj2Gkw2C5OHWxQlBAFTwzCZ6ANL7/HGnEKidgK1I4DLCClWlvG20t2Chk7AAXr7kWKBHtXsbERPA6GX7mRysYWE4DLbVN8TYms0nbax1kAjJZ/kZkg2Lv8xvXSxkuZgkL9XGyrf8axhFRzwLiprBybngvhlqr0DIPx3YWHfobNT4RUtiRvPP7TsXVO43JWWEPcVpnmDbCjjhi2bMTihhVu5KAsjhN+7WJQNrzNCE69 Taeradan(ssh)"; - cap = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG6VlqLpOsUk9LiSm7SySwZ3yXeDFq4SgXaLimCxTkY3 YDUBROME@LFR013526"; - cap-vm = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOs/dc/Jy6ucW5zUtouymMyhXOccsgrgas3N+DfsgOzJ taeradan@nixos.LFR013526.corp.capgemini.com"; - - # Prunetwork - mbpJPierre03 = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDS9RFWbeHgLIZNBA1gMZygftVElQwyph7t4NiKtoH9Yejj0okoxMfwxveUZMyqRN8bIMm3OTuZ6TXsyGvjcAV1fSaIUEX57/e+QeFRxJ7i08Yv+9rXkS7Xb4bc+gF7ev0/QnhCu/rqqSX2mJWe19IA7anuSfXKvcrDaMd+jYP7w+kdlNQej4TQtiTGV2Dq/exaMGqttCZU4yHoqVB5EHiMGAHN5SS+JgSWHdZctpG7r6ONyhaXeU4HNm1WOKwV2G/lu8N4kNLnLwA74iduqJmEQYySEhG0EmM6MAAsrD1pcvIphTrD2e6BsVTsA3aT7Zu62F7mcJVm7+aVQy0mn589 jpierre03@mbp.home"; - radxJPierre03 = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQD3Ds2/GqTcw3oROmKMT13jI8y3B3ZzhlOK0zdyvmiHGHVzY/NEqZftSQGb3macIxWvMu2xIE298r8cqWFO1kwoL4U+pb/m2bb9r8KsDGmK0C/cf5FytsxzaVmwk+QrInTJS9t/Bt1tTjpQ3SuM7RPmaiJ+ODrh/my0efsobGQPxIi90HI/qsAI67HDU5swA8xXJIRpYJuqZuafI0772n6vDD+fh9+lMfUxAxH++6gpNfKWbpawHUAmwIB+FqHTKj015iQ0oi5nmKh4SSei5MU5mfGX6UsDRjquU0/gxfNpLh7tt5C8l5YF9xzmO3qjlN0OJbUZrA4XvhmLsYcN6gifgaO+gk07XOJtBNxGI/JAAoh6eQ5Duc8wSFNR9OCqqydeX57npcu8pyPomfBLpAV01h7m5DH1ZpqB6pzk7ndBulgLUhiv3tTEbXDeoDKNNc/2/CxQUCpyOrURbYjSd0wsQklB53vIjKz2st9vG5hH4dqvnNQt9qjW0JkvFGzfa/sBOVIDt6ApzPbiF9x8sABqfm6PKzwDBKpUyGbBgdLo7E/wkqeEXsinWGidOfCok+HRSoo+U3Iq3RynpBe92E6/JsdCIGHiwLqrZNcYLjpJXzciH+brSIVkUeQeljHlu5zfkxYptqCLVHlO4A+kvRcgh0jyzxKw7Dq7IOWxlks/WQ== jpierre03@radx.prunetwork.fr"; - radxRoot = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDBAgQapQJdUNI37fbwtBrZ8B1GC2h5Ou95rNAlZAwv4c2IQ42RaZjhcRrx6zlq70DCqtHomgjr/xCr42ZTOPEG/PRMUDj+bQxPolpdSC84GTEMh+o6OHzcEEX4Ks7QT4FZ4VjIaR+OTVf+YdPhcEHY+n5MKAqBuVOMQCCriSdVuz5IEL3BXB7kD0rbOkW9kmliup/J9cdXUvibbHWonSqB86Cgpw0VlJQBRETB0g/dXBfDDm8z8S91nQG7nLgqizhgmyicQEo+M46J8l6lS1eGz4rcts5JGW0s71PVt0PEbylWKZlL3ymMggnpdoByDt742PlYMGl5XCZtZd80D1mN root@radx.prunetwork.fr"; - voyageRoot = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC8Fp2wqq4LOUpt4WppLHB4Mym6Ra5u2yAe2bGtVbUvki0x2ZfL6z8H6itUTybN0nE+50zdhzFoaAIV0wI+OG342kUv+CvHDMHBT+1FTbu27RSQAL6GAgwPJbegwBG6eC6Zq2ZpXUfPpeSS2KXG326FG4ihJ4CSKqAdEN85CJpNCMsr9NLDNE1YWNw795DFeN4sLvnIFoHUtiOqxpc5GFItMflQz26f7Co9fBnWQF0c4npudlhofQviW5X1rZX/vRT4Af6qXbCdsuRx1utQriqHMrf1iSvTB2CjQ/ChC+IeZiwc7nYAkA9+IMrngGaioW8zMclLxiVfb/jlHP8yCU2EVlY7EpAVReNeXVgTNxxy4FhfzIROtvJ5I/T64E1uLUXh90SQNWKgE4BdnJy50E8zxGxuf5xpAReqvdjf1Hnwj08TEfsCvYgBsV6Lh1HCVz6x+MO7twaHO7jxsc7mHBq1naqgpXNF/ICKuDTDgTGrtgp2W+lIw8cigX4K63rmwZ9fY0DDd/UI2Gdkv+eB/HjDRAXZk+TH3aBHrc/f46AIovBvThPPn7hvVcXNVohIDga3xM6TflHnzuvlO/87aWBZspRVdOoASLI/qxuXzecPWasIUVouqKusCttC7NfJshdJ9r75nkcsvLm8OrvfhTQyu2MpcJe30+lrexeLPNFopw== root@ks3273080.kimsufi.com"; -in { - - users.extraUsers.root = { - openssh.authorizedKeys.keys = [ - mbpJPierre03 - radxJPierre03 - radxRoot - phenomTaeradan - ]; - }; - - users.extraUsers.jpierre03 = { - isNormalUser = true; - description = "Jean-Pierre PRUNARET"; - extraGroups = [ - "audio" - "docker" - "plugdev" - "scanner" - "vbox" - "vboxusers" - "wheel" - ]; - useDefaultShell = true; - openssh.authorizedKeys.keys = [ - mbpJPierre03 - radxJPierre03 - radxRoot - voyageRoot - ]; - }; - - users.extraUsers.taeradan = { - description = "Yves Dubromelle"; - initialHashedPassword = "$6$yOBwZ.ijA$.eDknYZBxiGie88EUC8fYdpnSchKa8fMmjLglVk8c1gr23oAeb6rSBe8ID07frG5KlVSBqeMTuSoa/aONNp7b1"; - isNormalUser = true; - extraGroups = [ - "audio" - "docker" - "plugdev" - "scanner" - "vbox" - "vboxusers" - "wheel" - ]; - openssh.authorizedKeys.keys = [ - cubeRoot - latitudeTaeradan - phenomTaeradan - cap - cap-vm - ]; - }; - - users.extraUsers.lothy = mkIf ( (cfg.mailboxes && profiles.isDubronetwork) - || (profiles.isDesktop && profiles.isDubronetwork) - ) { - description = "Ophélie Dubromelle-Lacroix"; - isNormalUser = true; - extraGroups = [ - "audio" - "scanner" - ]; - hashedPassword = "$6$vcZSVwQFcGg1xt$xuMiCmlozhgyFFGEw3rRnIrhVcglMlWY1lfJG17QoKE4KzrQfc9YAaJYgf.clc3ouFC/yLtEs18Q0DVGixTEt0"; - }; - - users.extraUsers.alain = mkIf (cfg.mailboxes && profiles.isDubronetwork) { - description = "Alain Dubromelle"; - isNormalUser = true; - hashedPassword = "$6$wGd7Inli$p4Q8BrkUSNCKfqloHtehFKKHQqVKVxul/oHWBY2BdqlFNt7N9MXuvVJZ2BOD747vQvAc2f07N8I8kD0n7x/o61"; - uid = 1101; - }; - users.extraUsers.dubromelle = mkIf (cfg.mailboxes && profiles.isDubronetwork) { - description = "Alain & Véro Dubromelle"; - isNormalUser = true; - hashedPassword = "$6$Aa7rTIL7$M8zhtVsjPhkbNsY571K6bb04Y6cS04Z8RYKTIF3HoslelXplkphckauNep9gnc9mAp0p7o2lnQEVSoPw2UwT7/"; - uid = 1102; - }; - users.extraUsers.michele = mkIf (cfg.mailboxes && profiles.isDubronetwork) { - description = "Michele Dubromelle"; - isNormalUser = true; - hashedPassword = "$6$RuwEVVml$JnSb62qFrtBJY1CfC9uE0YK2qd2TpnNmlXNeQ62ludb3mkV8AMUVEj3R9jTKtOfLt/ap6jGVmakotGtHczBHL/"; - uid = 1103; - }; -} // { - assertions = [ - { - assertion = (profiles.isPrunetwork && (config.security.sudo.wheelNeedsPassword == true)) - || (!profiles.isPrunetwork && true); # pas prunetwork = pas de poliique - message = "Faire sudo nécessite un mot de passe"; - } - ]; -} diff --git a/base/base.nix b/base/base.nix index 1f4135d..8b9902c 100644 --- a/base/base.nix +++ b/base/base.nix @@ -15,6 +15,5 @@ in ./activation-manuelle/service-fail2ban.nix ./activation-manuelle/nix-serve-client.nix ./activation-manuelle/nix-serve-server.nix - ./activation-manuelle/users.nix ]; }