From 4de9883c83d5dbeac894ffc0fa6e23b3f65e070b Mon Sep 17 00:00:00 2001
From: Emery Hemingway <ehmry@posteo.net>
Date: Sun, 1 Dec 2019 11:33:47 +0100
Subject: [PATCH] hydra: re-enable yggdrasil

---
 hosts/hydra/configuration.nix | 17 ++++++++++++++++-
 1 file changed, 16 insertions(+), 1 deletion(-)

diff --git a/hosts/hydra/configuration.nix b/hosts/hydra/configuration.nix
index f3a557e9..4edcdf93 100644
--- a/hosts/hydra/configuration.nix
+++ b/hosts/hydra/configuration.nix
@@ -8,15 +8,30 @@
     ../../lib/hq.nix
     ../../lib/emery.nix
     ../../lib/buildfarmer.nix
+    ../../lib/yggdrasil.nix
+    ../../lib/tun.nix
   ];
 
   networking.interfaces.eth0.preferTempAddress = false;
+  services.yggdrasil = {
+    configFile = "/var/lib/yggdrasil/keys";
+    config.Peers = [
+      "tcp://[2a03:3b40:fe:ab::1]:46370" # Praha
+      "tcp://ygg.thingylabs.io:443" # Nürnberg
+      "tcp://176.223.130.120:22632" # Wrocław
+      "tcp://[2a05:9403::8b]:7743" # Praha
+    ];
+  };
 
   nixpkgs.config.allowUnfree = true;
 
   security.pam.enableSSHAgentAuth = true;
 
-  services.openssh.enable = true;
+  services.openssh = {
+    enable = true;
+    passwordAuthentication = false;
+  };
+
   programs.mosh.enable = true;
 
   nix = {