Move alice/root definitions to configuration.nix for deploy-rs.

Deploy-RS will follow module imports, but seems to do some fucking
DUMB SHIT when it comes to actually building the whole package. I
found that unless I defined the user in the core configuration.nix
file, regardless of other imports, I would lose access to the users
halfway through the deploy.

I'm not totally sure why. I never tried setting the import inside the
configuration.nix, but I /was/ setting it inside the fucking
flake.nix, so who knows.

This way does make some sense, it feels safer to have my deploy user /
root defs inside the core config file so there's never a possibility
of losing access remotely, but still. What a fucking pain. Morph
doesn't have this problem! Morph is good! What are you doing deploy-rs!!

nixos-configs/common/users/default.nix

@@ -18,18 +18,4 @@
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPAZhFDzl1lbhWJ7MiTV3+Z1EY8M5b4cH/+ju4uo1d91 admin"
     ];
   };
-  users.users.alice = {
-    isNormalUser = true;
-    shell = pkgs.bash;
-    extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
-    # My SSH keys.
-    openssh.authorizedKeys.keys = [
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPAZhFDzl1lbhWJ7MiTV3+Z1EY8M5b4cH/+ju4uo1d91 admin"
-    ];
-    packages = with pkgs; [ emacs vim ];
-  };
-
-  # Use my SSH keys for logging in as root.
-  users.users.root.openssh.authorizedKeys.keys =
-    config.users.users.alice.openssh.authorizedKeys.keys;
 }

nixos-configs/deploy-rs/flake.nix

@@ -9,28 +9,31 @@
   };
 
   outputs = { self, nixpkgs, deploy-rs }: {
-    nixosConfigurations.exgod = nixpkgs.lib.nixosSystem {
+    nixosConfigurations.seraph = nixpkgs.lib.nixosSystem {
       system = "x86_64-linux";
-      modules = [ ../hosts/exgod/configuration.nix ];
+      modules = [
+        ../hosts/seraph/configuration.nix
+        ../common/default.nix
+      ];
     };
 
-    deploy.nodes.exgod = {
-      hostname = "exgod";
-      user = "alice";
+    deploy.nodes.seraph = {
+      hostname = "seraph";
+      user = "root";
       sshUser = "alice";
-      magicRollback = false;
+      # magicRollback = false;
       remoteBuild = false;
       path = deploy-rs.lib.x86_64-linux.activate.nixos
-        self.nixosConfigurations.exgod;
+        self.nixosConfigurations.seraph;
 
       # This forces ssh to connect over IPv4.
       sshOpts = [ "-4" ];
 
       profiles.system = {
         path = deploy-rs.lib.x86_64-linux.activate.nixos
-          self.nixosConfigurations.exgod;
+          self.nixosConfigurations.seraph;
       };
-    };
+    };    
 
     # This is highly advised, and will prevent many possible mistakes
     checks =

nixos-configs/hosts/exgod/configuration.nix

@@ -9,6 +9,21 @@
     ./hardware-configuration.nix
   ];
 
+  users.users.alice = {
+    isNormalUser = true;
+    shell = pkgs.bash;
+    extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
+    # My SSH keys.
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPAZhFDzl1lbhWJ7MiTV3+Z1EY8M5b4cH/+ju4uo1d91 admin"
+    ];
+    packages = with pkgs; [ emacs vim ];
+  };
+
+  # Use my SSH keys for logging in as root.
+  users.users.root.openssh.authorizedKeys.keys =
+    config.users.users.alice.openssh.authorizedKeys.keys;  
+
   # Use the systemd-boot EFI boot loader.
   boot.loader.systemd-boot.enable = true;
   boot.loader.efi.canTouchEfiVariables = true;

nixos-configs/hosts/seraph/configuration.nix

@@ -9,6 +9,22 @@
     ./hardware-configuration.nix
   ];
 
+  users.users.alice = {
+    isNormalUser = true;
+    shell = pkgs.bash;
+    extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
+    # My SSH keys.
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPAZhFDzl1lbhWJ7MiTV3+Z1EY8M5b4cH/+ju4uo1d91 admin"
+    ];
+    packages = with pkgs; [ emacs vim ];
+  };
+
+  # Use my SSH keys for logging in as root.
+  users.users.root.openssh.authorizedKeys.keys =
+    config.users.users.alice.openssh.authorizedKeys.keys;
+  
+
   # Use the systemd-boot EFI boot loader.
   boot.loader.systemd-boot.enable = true;
   boot.loader.efi.canTouchEfiVariables = true;
@@ -79,6 +95,7 @@
   security.sudo.enable = true;
   security.pam.enableSSHAgentAuth = true;
   security.pam.services.sudo.sshAgentAuth = true;
+  security.sudo.wheelNeedsPassword = false;
   
   # Open ports in the firewall.
   networking.firewall.allowedTCPPorts = [ 22 80 443 ];