Removed some unnecessary stuff

2025-01-22 22:21:51 +00:00 · 2025-01-22 22:21:51 +00:00 · cb662c7e45
parent df300154b3
commit cb662c7e45
1 changed files with 0 additions and 37 deletions
--- a/configuration.nix
+++ b/configuration.nix
@ -37,36 +37,8 @@
    "8.8.8.8"
  ];

-  # Define a user account. Don't forget to set a password with ‘passwd’.
-  # users.users.jane = {
-  #   isNormalUser = true;
-  #   extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
-  # };
-
-  users.users.root = {
-    openssh.authorizedKeys.keys = [
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG599UildOrAq+LIOQjKqtGMwjgjIxozI1jtQQRKHtCP q3k@mimeomia"
-      "cert-authority ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFPt2EXhvAwjMZ+5j8P0dCMaUdXeUQePeTv8tBdHXNly mewp"
-      "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDQb3YQoiYFZLKwvHYKbu1bMqzNeDCAszQhAe1+QI5SLDOotclyY/vFmOReZOsmyMFl71G2d7d+FbYNusUnNNjTxRYQ021tVc+RkMdLJaORRURmQfEFEKbai6QSFTwErXzuoIzyEPK0lbsQuGgqT9WaVnRzHJ2Q/4+qQbxAS34PuR5NqEkmn4G6LMo3OyJ5mwPkCj9lsqz4BcxRaMWFO3mNcwGDfSW+sqgc3E8N6LKrTpZq3ke7xacpQmcG5DU9VO+2QVPdltl9jWbs3gXjmF92YRNOuKPVfAOZBBsp8JOznfx8s9wDgs7RwPmDpjIAJEyoABqW5hlXfqRbTnfnMvuR informatic@InformaticPC"
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOccFr7RFddSB5kdvYCIdCyKgD3X79mC90cMImqziTd9 radex@radpro"
-    ];
-  };
  users.groups.ldap-access = {};

-  # users.ldap = {
-  #   enable = true;
-  #   loginPam = true;
-  #   nsswitch = true;
-  #   base = "ou=users,dc=cebula,dc=camp";
-  #   server = "ldap://10.88.0.1:389/";
-  #   timeLimit = 1;
-  #   daemon.enable = true;
-  #   bind = {
-  #     distinguishedName = "cn=ldap-access,ou=users,dc=cebula,dc=camp";
-  #     passwordFile = "/var/secrets/ldap-access";
-  #   };
-  # };
-
  services.sssd = {
    enable = true;
    sshAuthorizedKeysIntegration = true;
@ -75,20 +47,11 @@
      serviceAccount = "ldap-access";
      allowedGroup = "cn=orga-infra,ou=groups,${baseDN}";
    in ''
-      [nss]
-      filter_groups = root
-      filter_users = root
-      reconnection_retries = 3
-
      [sssd]
      config_file_version = 2
-      reconnection_retries = 3
      domains = LDAP
      services = nss, pam, ssh

-      [pam]
-      reconnection_retries = 3
-
      [domain/LDAP]
      cache_credentials = True
      id_provider = ldap