From 39d36d545715658a524eca00dc743767a1f4be11 Mon Sep 17 00:00:00 2001
From: magic_rb <magic_rb@redalder.org>
Date: Sat, 30 Dec 2023 19:42:55 +0100
Subject: [PATCH] Add ssh-remote-access

Signed-off-by: magic_rb <magic_rb@redalder.org>
---
 nixos/systems/blowhole/ssh-machine-access.nix | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100644 nixos/systems/blowhole/ssh-machine-access.nix

diff --git a/nixos/systems/blowhole/ssh-machine-access.nix b/nixos/systems/blowhole/ssh-machine-access.nix
new file mode 100644
index 0000000..0579c3c
--- /dev/null
+++ b/nixos/systems/blowhole/ssh-machine-access.nix
@@ -0,0 +1,19 @@
+{
+  pkgs,
+  lib,
+  ...
+}: let
+  inherit (lib) getExe';
+in {
+  users.groups."bot" = {};
+  users.users."bot" = {
+    group = "bot";
+    home = "/var/empty";
+    shell = "${getExe' pkgs.busybox "sh"}";
+    isNormalUser = false;
+    isSystemUser = true;
+    openssh.authorizedKeys.keys = [
+      ''restrict,command="echo \"It's working\"" ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFVkFvalffJ/SMjJGG3WPiqCqFygnWzhGUaeALBIoCsJ (none)''
+    ];
+  };
+}