4 files changed, 26 insertions, 0 deletions

diff --git a/apps/static-users/appspec.nix b/apps/static-users/appspec.nix
new file mode 100644
index 0000000..6ab5c7d
--- /dev/null
+++ b/apps/static-users/appspec.nix
@@ -0,0 +1,12 @@
+{ lib, ... }: {
+  description = "static-users";
+  endOfLife = null;
+  options.users = lib.mkOption {
+    type = lib.types.attrsOf (lib.types.submodule {
+      options.publicKeyFile = lib.mkOption {
+        type = lib.types.path;
+      };
+    });
+    default = { };
+  };
+}
diff --git a/apps/static-users/capabilities.nix b/apps/static-users/capabilities.nix
new file mode 100644
index 0000000..de8d1f0
--- /dev/null
+++ b/apps/static-users/capabilities.nix
@@ -0,0 +1,8 @@
+{ appConfig, lib, ... }:
+lib.concatMapAttrs
+  (name: attrs: lib.optionalAttrs (attrs ? publicKeyFile) {
+    ${name} = {
+      inherit (attrs) publicKeyFile;
+    };
+  })
+  appConfig.users
diff --git a/apps/static-users/module.nix b/apps/static-users/module.nix
new file mode 100644
index 0000000..c915eb0
--- /dev/null
+++ b/apps/static-users/module.nix
@@ -0,0 +1 @@
+{ ... }: { }
diff --git a/systems/system1/configuration.nix b/systems/system1/configuration.nix
index 4f47b3c..a1889fb 100644
--- a/systems/system1/configuration.nix
+++ b/systems/system1/configuration.nix
@@ -7,6 +7,7 @@
     ../../configs
     # TODO auto-load modules
     ../../modules/abuilder
+    ../../modules/fysiweb-capabilities
   ];
 
   config = lib.mkMerge [
@@ -14,6 +15,10 @@
       networking.hostName = "system1";
     }
     {
+      fysiweb-apps.public.static-users.public.users.aforemny.publicKeyFile = toString ../../public + "/aforemny.id_rsa.pub";
+      fysiweb-apps.public.static-users.public.users.kirchner.publicKeyFile = toString ../../public + "/kirchner.id_rsa.pub";
+    }
+    {
       fysiweb-apps.public.static-website."nomath-org".domain = "nomath.org";
       fysiweb-apps.public.static-website."nomath-org".root = "/var/lib/abuilder/nomath-org/main";
     }