1
0
Fork 0

Limit users who can run Nix

This commit is contained in:
Aires 2024-05-09 12:19:33 -04:00
parent 5c10ed17eb
commit b816d82163

View file

@ -19,8 +19,14 @@
extra-substituters = [ "https://cache.lix.systems" ]; extra-substituters = [ "https://cache.lix.systems" ];
trusted-public-keys = [ "cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o=" ]; trusted-public-keys = [ "cache.lix.systems:aBnZUw8zA7H35Cz2RyKFVs3H4PlGTLawyY5KRbvJR8o=" ];
# Only allow these users to use Nix
allowed-users = [
"root"
config.users.users.aires.name
];
# Avoid signature verification messages when doing remote builds # Avoid signature verification messages when doing remote builds
trusted-users = [ "${config.users.users.aires.name}" ]; trusted-users = [ config.users.users.aires.name ];
}; };
# Enable periodic nix store optimization # Enable periodic nix store optimization