diff options
author | tv <tv@krebsco.de> | 2017-01-07 13:28:23 +0100 |
---|---|---|
committer | tv <tv@krebsco.de> | 2017-01-07 13:28:23 +0100 |
commit | 9779351be952095ed55ad4ccee98452a8838cfb9 (patch) | |
tree | 846049ff5cdb00f6dbdf1a3eca49aba7757ff3f5 /krebs/3modules | |
parent | 51bbf7f5c2077a5bab74a077049db7ef3d995ca9 (diff) |
krebs.git: add authorizedKeys only for users found in rules
Diffstat (limited to 'krebs/3modules')
-rw-r--r-- | krebs/3modules/git.nix | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/krebs/3modules/git.nix b/krebs/3modules/git.nix index 164831846..a08dbb32c 100644 --- a/krebs/3modules/git.nix +++ b/krebs/3modules/git.nix @@ -339,9 +339,11 @@ let description = "Git repository hosting user"; shell = "/bin/sh"; openssh.authorizedKeys.keys = - mapAttrsToList (_: makeAuthorizedKey git-ssh-command) - (filterAttrs (_: user: isString user.pubkey) - config.krebs.users); + unique + (sort lessThan + (map (makeAuthorizedKey git-ssh-command) + (filter (user: isString user.pubkey) + (concatMap (getAttr "user") cfg.rules)))); }; }; |