Skip to content

admin

Adds a root user with ssh access

Utility

The admin service aggregates components that allow an administrator to log in to and manage the machine.

The following configuration:

  1. Enables OpenSSH with root login and adds an SSH public key namedmyusersKey to the machine's authorized_keys via the allowedKeys setting.

  2. Automatically generates a password for the root user.

instances = {
    admin = {
        roles.default.tags = {
            all = {  };
        };
        roles.default.settings = {
            allowedKeys = {
                myusersKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEFDNnynMbFWatSFdANzbJ8iiEKL7+9ZpDaMLrWRQjyH lhebendanz@wintux";
            };
        };
    };
};

Roles

The admin service has the following roles:

  • default

Options for the default role

allowedKeys

The allowed public keys for ssh access to the admin user

Type: attribute set of string

Default:

{ }
Example 
{
  key_1 = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD...";
}

Declared in: clanServices/admin/default.nix

certificateSearchDomains

List of domains to include in the certificate. This option will prepend the machine name in front of each domain before adding it to the certificate.

Type: list of string

Default:

[ ]
Example 
[
  "mydomain.com"
]

Declared in: clanServices/admin/default.nix

rsaHostKey.enable

Whether to enable Generate RSA host key.

Type: boolean

Default:

false
Example 
true

Declared in: clanServices/admin/default.nix