users: disable password login for users in @wheel
This commit is contained in:
parent
2f3bcaf124
commit
08e5e4d90b
@ -1,4 +1,4 @@
|
||||
{lib, ...}:
|
||||
{lib, config, ...}:
|
||||
with lib;
|
||||
let
|
||||
# get all files in folder
|
||||
@ -17,4 +17,17 @@ in
|
||||
|
||||
imports = makeAbsolute ./.;
|
||||
|
||||
services.openssh.extraConfig =
|
||||
lib.pipe (builtins.attrNames config.users.users) [
|
||||
(builtins.filter (uname: builtins.any (x: x) [
|
||||
(config.users.users.${uname}.group == "wheel")
|
||||
(builtins.elem "wheel" config.users.users.${uname}.extraGroups)
|
||||
]))
|
||||
(builtins.map (uname: ''
|
||||
Match User ${uname}
|
||||
PasswordAuthentication no
|
||||
''))
|
||||
lib.concatLines
|
||||
];
|
||||
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user