Add restricted AI worker access with deployment capabilities

- New module: modules/nixos/security/ai-worker-restricted.nix - Bind mount for infra repo access (RW) - Whitelisted sudo commands: nh, nixos-rebuild, nixpkgs-fmt, nix - Audit logging for infra changes - Documentation in README-ai-worker.md - Updated users/ai-worker.nix: - Enable services.aiWorkerAccess - Lock password (SSH key only) - Security documentation comments - Updated flake.nix: - Include new security module SECURITY: AI must ask for user confirmation before running nh os switch
2026-04-28 15:34:38 +00:00
parent 7efba3ac5b
commit 18df45819d
4 changed files with 161 additions and 0 deletions
--- a/modules/nixos/security/ai-worker-restricted.nix
+++ b/modules/nixos/security/ai-worker-restricted.nix
@@ -0,0 +1,57 @@
+{ config, pkgs, lib, ... }:
+
+with lib;
+
+{
+  options.services.aiWorkerAccess = mkOption {
+    type = types.bool;
+    default = false;
+    description = "Enable restricted AI worker access to infra repo with deployment capabilities";
+  };
+
+  config = mkIf config.services.aiWorkerAccess {
+    # Bind mount for infra repo access (read-write for editing)
+    fileSystems."/home/ai-worker/infra" = {
+      device = "/home/gortium/infra";
+      fsType = "none";
+      options = [ "bind" ];
+    };
+
+    # Restricted sudo access - only specific commands allowed
+    security.sudo.extraRules = [
+      {
+        users = [ "ai-worker" ];
+        commands = [
+          {
+            command = "/run/current-system/sw/bin/nh";
+            options = [ "NOPASSWD" ];
+          }
+          {
+            command = "/run/current-system/sw/bin/nixos-rebuild";
+            options = [ "NOPASSWD" ];
+          }
+          {
+            command = "/run/current-system/sw/bin/nixpkgs-fmt";
+            options = [ "NOPASSWD" ];
+          }
+          {
+            command = "/run/current-system/sw/bin/nix";
+            options = [ "NOPASSWD" ];
+          }
+        ];
+      }
+    ];
+
+    # Ensure ai-worker has necessary tools available
+    environment.systemPackages = with pkgs; [
+      nh
+      nixpkgs-fmt
+    ];
+
+    # Audit logging for ai-worker actions on infra directory
+    security.audit.enable = mkDefault true;
+    security.audit.rules = [
+      "-w /home/gortium/infra -p wa -k infra_changes"
+    ];
+  };
+}