feat: add jet as a trusted user

2026-03-23 16:10:33 -07:00 · 2026-03-23 16:10:33 -07:00 · b41c85b161
commit b41c85b161
parent 9b5a32e04b
2 changed files with 14 additions and 1 deletions
--- a/configuration.nix
+++ b/configuration.nix
@ -67,6 +67,14 @@
    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE40ISu3ydCqfdpb26JYD5cIN0Fu0id/FDS+xjB5zpqu"
  ];
  users.users.jet = {
    isNormalUser = true;
    extraGroups = [ "wheel" ];
    openssh.authorizedKeys.keys = [
      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE40ISu3ydCqfdpb26JYD5cIN0Fu0id/FDS+xjB5zpqu"
    ];
  };
  # SSH - Secure it
  services.openssh = {
    enable = true;
@ -120,8 +128,13 @@
    "nix-command"
    "flakes"
  ];
  nix.settings.trusted-users = [
    "root"
    "jet"
  ];
  nix.settings.max-jobs = "auto";
  nix.settings.cores = 0;
  security.sudo.wheelNeedsPassword = false;
  services.postgresql.package = pkgs.postgresql_15;
  nixpkgs.config.allowUnfree = true; # Allow unfree packages (Minecraft, etc.)
--- a/flake.nix
+++ b/flake.nix
@ -51,7 +51,7 @@
        let
          pkgs = nixpkgs.legacyPackages.x86_64-linux;
          deploy = pkgs.writeShellScriptBin "nhs" ''
-            nh os switch --hostname extremist-software --target-host root@extremist-software path:. "$@"
+            nh os switch --hostname extremist-software --target-host jet@extremist-software path:. "$@"
          '';
          check-secrets = pkgs.writeShellScriptBin "check-secrets" ''
            set -euo pipefail