From 8b2f3113d26afd2e7a41f3fe85dfcfea14351309 Mon Sep 17 00:00:00 2001
From: Michael Huebner <michael.huebner@ptspaper.de>
Date: Fri, 18 Jul 2025 10:55:52 +0200
Subject: [PATCH] Add extra user for pipeline access

---
 dev_system.nix | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/dev_system.nix b/dev_system.nix
index 512c76c..8f72b8f 100644
--- a/dev_system.nix
+++ b/dev_system.nix
@@ -23,7 +23,7 @@ in
     ./shared/ssh.nix
   ];
 
-  services.openssh.settings.AllowUsers = [ "pipeline" ];
+  services.openssh.settings.AllowUsers = [ "pipeline" "david" ];
 
   users.users = {
     # connection only via ssh key
@@ -36,6 +36,16 @@ in
         "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPB9tvEWgxrhK0pUs9RJrdreNX1EBxJ/nrz57qzP48Uk michaelh@michael-node"
       ];
     };
+    # connection only via ssh key
+    david = {
+      isNormalUser = true;
+      home = "/home/david";
+      description = "User used by forgejo runners to connect to this system for david";
+      extraGroups = [ "docker" ];
+      openssh.authorizedKeys.keys = [
+        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICfwHVorfUjbCXmJeVNtb2uP4FHcRI6ITpQDjnIeb7sI root@nixos"
+      ];
+    };
   };
 
   networking = {