2 files changed, 12 insertions, 5 deletions

diff --git a/apps/cgit/appspec.nix b/apps/cgit/appspec.nix
index 8ea967c..243f477 100644
--- a/apps/cgit/appspec.nix
+++ b/apps/cgit/appspec.nix
@@ -24,5 +24,13 @@
       type = lib.types.attrsOf (lib.types.oneOf [ lib.types.bool lib.types.int lib.types.str ]);
       default = { };
     };
+    users = lib.mkOption {
+      type = lib.types.nullOr (lib.types.attrsOf (lib.types.submodule {
+        options.publicKeyFile = lib.mkOption {
+          type = lib.types.str;
+        };
+      }));
+      default = null;
+    };
   };
 }
diff --git a/apps/cgit/integration.nix b/apps/cgit/integration.nix
index ffa5b3e..8190c2a 100644
--- a/apps/cgit/integration.nix
+++ b/apps/cgit/integration.nix
@@ -1,13 +1,12 @@
 { appConfig, lib, pkgs, ... }:
 {
-  # TODO references ../../public
   users.users.git.home = "/var/lib/git";
   users.users.git.createHome = true;
   users.users.git.shell = "${pkgs.git}/bin/git-shell";
-  users.users.git.openssh.authorizedKeys.keyFiles = [
-    ../../public/aforemny.id_rsa.pub
-    ../../public/kirchner.id_rsa.pub
-  ];
+  users.users.git.openssh.authorizedKeys.keyFiles =
+    lib.optionals (appConfig.users != null) (lib.mapAttrsToList
+      (name: attrs: attrs.publicKeyFile)
+      appConfig.users);
 
   bindMounts."/var/lib/git".isReadOnly = false;