From 368c455b7fb5a0f4119159a4d83c0936182a2075 Mon Sep 17 00:00:00 2001 From: Tom Alexander Date: Mon, 20 Jan 2025 22:38:54 -0500 Subject: [PATCH] Persist ssh keys for kodi user. --- nix/configuration/roles/kodi/default.nix | 44 +++++++++++++++++++++++- 1 file changed, 43 insertions(+), 1 deletion(-) diff --git a/nix/configuration/roles/kodi/default.nix b/nix/configuration/roles/kodi/default.nix index 2a7fac5..3661a1b 100644 --- a/nix/configuration/roles/kodi/default.nix +++ b/nix/configuration/roles/kodi/default.nix @@ -24,10 +24,52 @@ ]; } (lib.mkIf config.me.graphical { - users.extraUsers.kodi.isNormalUser = true; services.cage.user = "kodi"; services.cage.program = "${pkgs.kodi-wayland}/bin/kodi-standalone"; services.cage.enable = true; + + nixpkgs.overlays = [ + (final: prev: { + kodi-wayland = prev.kodi-wayland.withPackages ( + kodiPkgs: with kodiPkgs; [ + joystick + ] + ); + }) + ]; + + users.users.kodi = { + isNormalUser = true; + createHome = true; # https://github.com/NixOS/nixpkgs/issues/6481 + group = "kodi"; + extraGroups = [ ]; + uid = 12000; + packages = with pkgs; [ + tree + ]; + # Generate with `mkpasswd -m scrypt` + hashedPassword = "$7$CU..../....VXvNQ8za3wSGpdzGXNT50/$HcFtn/yvwPMCw4888BelpiAPLAxe/zU87fD.d/N6U48"; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGu+k5lrirokdW5zVdRVBOqEOAvAPlIkG/MdJNc9g5ky" + "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIEI6mu6I5Jp+Ib0vJxapGHbEShZjyvzV8jz5DnzDrI39AAAABHNzaDo=" + "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIAFNcSXwvy+brYTOGo56G93Ptuq2MmZsjvRWAfMqbmMLAAAABHNzaDo=" + ]; + }; + users.groups.kodi.gid = 12000; + + environment.persistence."/persist" = lib.mkIf (!config.me.buildingIso) { + hideMounts = true; + users.kodi = { + directories = [ + { + directory = ".ssh"; + user = "kodi"; + group = "kodi"; + mode = "0755"; + } + ]; + }; + }; }) ] );