Modularise config. Add sops-nix for secrets management.

2025-07-08 14:09:35 +08:00 · 2025-07-08 14:09:35 +08:00 · a348413d83
commit a348413d83
parent 02fdb4707d
15 changed files with 211 additions and 119 deletions
--- a/configuration/server/docker.nix
+++ b/configuration/server/docker.nix
@ -0,0 +1,23 @@
+{
+  # Define a user account.
+  users.users.docker = {
+    isNormalUser = true;
+    linger = true;
+    extraGroups = [
+      "wheel"
+      "docker"
+    ];
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIETPyuxUVEmYyEW6PVC6BXqkhULHd/RvMm8fMbYhjTMV fern@muskduck"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKzW4epTmK01kGVXcuAXUNJQPltnogf4uab9FA5m8S3n fern@pardalote"
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBEJYq1fMxVOzCMfE/td6DtWS8nUk76U9seYD3Z9RYAz u0_a399@fairywren"
+      "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIMoJvPcUJDVVzO4dHROCFNlgJdDZSP5xyPx2s40zcx5QAAAABHNzaDo= YubiKey5NFC"
+    ];
+  };
+
+  # Auto login
+  services.getty.autologinUser = "docker";
+
+  # Enable docker
+  virtualisation.docker.enable = true;
+}