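# NixOS module: a dedicated system user that accepts Borg backups over SSH.
#
# Every key in `sshKeys` is pinned to a forced `borg serve` command, so a
# client holding one of those keys cannot obtain an interactive shell or run
# any other program as the `borgstor` user.
{
  config,
  lib,
  myData,
  pkgs,
  ...
}:
let
  cfg = config.mj.services.borgstor;

  # Forced command that sshd runs for every authorised key.
  #
  # The path is shell-escaped because sshd hands the command to the account's
  # shell (`/bin/sh -c ...`); an unescaped space or metacharacter in dataDir
  # would otherwise be re-parsed by the shell. A literal double quote in
  # dataDir is still unsupported, since it would end the command="..." option
  # in authorized_keys early.
  #
  # NOTE(review): all keys share the same --restrict-to-path, so any authorised
  # client can reach every repository below dataDir. If clients must be
  # isolated from each other, give each key its own path or use
  # `--restrict-to-repository`.
  # NOTE(review): `--append-only` is not set, so a client that holds a key can
  # delete or prune archives. Consider it where backups have to survive a
  # compromised client.
  serveCommand = "${pkgs.borgbackup}/bin/borg serve --restrict-to-path ${lib.escapeShellArg cfg.dataDir}";
in
{
  options.mj.services.borgstor = {
    # mkEnableOption already prefixes "Whether to enable ", so pass a noun phrase.
    enable = lib.mkEnableOption "borg storage user";

    dataDir = lib.mkOption {
      type = lib.types.path;
      description = "Home directory of the borgstor user; borg serve is restricted to this path.";
    };

    sshKeys = lib.mkOption {
      type = lib.types.listOf lib.types.str;
      description = "SSH public keys allowed to run the forced borg serve command.";
    };
  };

  config = lib.mkIf cfg.enable {
    users.users.borgstor = {
      description = "Borg Storage";
      home = cfg.dataDir;
      # A real shell is required: sshd executes the forced command through it.
      shell = "/bin/sh";
      group = "borgstor";
      isSystemUser = true;
      createHome = true;
      uid = myData.uidgid.borgstor;
      # `restrict` turns off port, agent and X11 forwarding, PTY allocation
      # and ~/.ssh/rc execution for the key.
      openssh.authorizedKeys.keys = map (
        k: ''command="${serveCommand}",restrict ${k}''
      ) cfg.sshKeys;
    };

    # uid and gid deliberately share one value from myData.uidgid.
    users.groups.borgstor.gid = myData.uidgid.borgstor;
  };
}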