leon/nix-config
leon/nix-config
1
0
Fork 0
forked from c3d2/nix-config
Code Pull Requests Activity

Don't import ssh-keys multiple times

Browse Source
This commit is contained in:
Sandro - 2023-04-22 23:03:14 +02:00
parent 781658d2d3
commit d801ace08b
Signed by: sandro
GPG Key ID: 3AF5A43A3EECC2E5
6 changed files with 72 additions and 77 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
config/default.nix
View File

@ -1,4 +1,4 @@
{ config, lib, nixos, pkgs, zentralwerk, ... }:
{ config, lib, nixos, pkgs, ssh-public-keys, zentralwerk, ... }:
# this file contains default configuration that may be turned on depending on other config settings.
# options should go to modules.
@ -31,6 +31,7 @@
c3d2 = {
addKnownHosts = true;
sshKeys = ssh-public-keys;
};
documentation.nixos.enable = false;

5
flake.nix
View File

@ -233,6 +233,8 @@
self.overlays
];
ssh-public-keys = import ./ssh-public-keys.nix;
# Our custom NixOS builder
nixosSystem' =
{ nixpkgs ? inputs.nixos
@ -246,7 +248,7 @@
modules = [
(_: {
_module.args = {
inherit hostRegistry libC nixos zentralwerk;
inherit hostRegistry libC nixos ssh-public-keys zentralwerk;
};
nixpkgs.overlays = overlayList;
@ -764,7 +766,6 @@
./modules/plume.nix
./modules/stats.nix
];
c3d2.sshKeys = (import ./ssh-public-keys.nix).users;
c3d2.nncp.neigh = import ./modules/nncp-relays.nix;
};
cluster = ./modules/cluster;

6
hosts/leon/default.nix
View File

@ -25,7 +25,8 @@
# ' / `-----'' / |
# `...-' `...-'
#--------------------------------------------------------------------------------
{ lib, pkgs, ... }:
{ lib, pkgs, ssh-public-keys, ... }:
{
deployment = {
mem = 2048;
@ -59,8 +60,7 @@
isNormalUser = true;
extraGroups = [ "wheel" "docker" ];
createHome = true;
openssh.authorizedKeys.keys = with (import ../../ssh-public-keys.nix).users;
leon;
openssh.authorizedKeys.keys = ssh-public-keys.leon;
};
networking.nameservers = ["172.20.73.8" "9.9.9.9"];
networking.firewall = {

5
hosts/leoncloud/default.nix
View File

@ -1,4 +1,4 @@
{ config, lib, pkgs, ... }:
{ lib, pkgs, ssh-public-keys, ... }:
{
deployment = {
@ -38,8 +38,7 @@
isNormalUser = true;
extraGroups = [ "wheel" "docker" ];
createHome = true;
openssh.authorizedKeys.keys = with (import ../../ssh-public-keys.nix).users;
leon;
openssh.authorizedKeys.keys = ssh-public-keys.leon;
};

12
modules/cluster/default.nix
View File

@ -1,4 +1,4 @@
{ zentralwerk, hostRegistry, config, lib, pkgs, ... }:
{ config, hostRegistry, lib, pkgs, ssh-public-keys, zentralwerk, ... }:
let
inherit (config.networking) hostName;
@ -63,23 +63,19 @@ in {
# Deployment user for leon who also uses this flake
leon = {
uid = 1002;
sshKeys = with (import ../../ssh-public-keys.nix).users;
leon ++
astro;
sshKeys = with ssh-public-keys; leon ++ astro;
};
# Deployment user for neighbour Andreas Lippmann <andreaslippmann@web.de>
luulaatsch = {
uid = 1003;
sshKeys = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDVipwWSzxgUgm0fMeTbOSCXDNkbUUp+k1tvWaJcBA1M+LTM21rhP3tQQP24smPx1b2V/by6vHakhsj5pIMLzSSW7he/mAnOtwHj2dCEk6VaMvozAfS6n777g8ujZg0N9ekrqoNLh0uNchs3DYFZWXAnKtfEYjzIdXqVgXMI4uDXM6ObEh+YR3iGaZSYKd6S5nufzJOR6EiYbv/z6ThRq16f+HqetVdBamqmpNK9NcWCtjMcww7nZTyUvTbd2AyrpTAXSnVg30fza428Kpc5ZdzDJFjn0B3MVnP2LavIo8VH3Y5sjpp0aMDKfbz6dPA/df/pR6LVMsxx0eCEXeGqo9sFdabu2AwIPi79QFANr3qJ/nZo2LR3o2LvcOLO06xVRFKReGTsy6WWTNOTAL03sdiIbqnlmkjXu5nb4hzxoHBgA6LZGMx3knoVcUMBlpVaxOoT2tzXzpYszsKpGSN1EBqUlDXzen3EkHg7TpjjTJSH7Q0AeeSCJsaoAepa6wcZeJlBWSRiJdqIn7YBmCBdjV1nNPVBYE5mm2x88ha9e4NbyFhjQvZ/BiLyKCFVyDs6lIvhV5QfAPWOkyPwbLXtXg6g1OvmuM6mGDhtEfZKvreeqmTKjB+x7OpG847JKxmU8eeYax63/WgRssbOfTpicjsdoKlFST3WpZHGT7mWzmB/w== andreas@luulaatschs-MBP.pub.zentralwerk.org"
] ++ (with (import ../../ssh-public-keys.nix).users;
astro
);
] ++ ssh-public-keys.astro;
};
# Deployment user for marenz
marenz = {
uid = 1004;
sshKeys = (import ../../ssh-public-keys.nix).users.marenz;
sshKeys = ssh-public-keys.marenz;
};
};

2
ssh-public-keys.nix
View File

@ -1,7 +1,6 @@
{
# Please use ed25519 keys!
users = {
antrares = [
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDC6Io8mHskJhkUh+vaSo95pi1E/gAoesQ0v+s+7DCTgjpOkB+W6vdJ8U6rblFxrETaWFAIVfkg+I/ZYvNWqCAxu1iWXaZ3IEK2ZiP5Vg0HevAP0ratfIHw50V8wfsyA8/lLVGdpX76xqexdY3G1SYZUcedq6AqWx6FpyoKGVOL2+jlJhmxCoEYfOJe6HbTi02UtAw1qavaD2acvuLksHOiwRAq1+ijPo/OmU3LmaErheceiPC97Wn4H/a98HdnWXJ3AXZCpPzp784/gUxOd/fvKRQPv0Lza9dytmpkAVc9efLMAQZm60w9InpIY0VxJRu2iFDc6msMF/iJp1UXSJfk4hTxUvXL8rPXc4GYKDSQlWO4UXoKd2gZEmCdcsIN/re6VR1lJWcm4eKxI9zJAQRZDrYHZP3ALBJrBY+7pJUHGSB+jCdZ73zkvkiNWUHZ9Wwp4RvdFoCR9qT+AoDU2SMiBMn8/hNMZRUs6RKjUzzn2vhCbZh19QIDxivaFg3DOKq7CCI3XNR3M781MFdmeTXKBLnv2YEVXy5XDIMvucQaZIUoD14fSF2wnncuP9h0gs2H1zG7nQfMagGpE+ro56FO3rBQqfRzz/U528yuq8uf/6TD9u3jTu7ngZ0YpDvAwAh8yG3b2KGFbrcYc3N1zEQOz7IqKixmIt/f3VOOjQ3Yww== antrares@c3d2.de"
];
@ -60,5 +59,4 @@
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJPZoT83l0ogbJpviBs4VmO+NdF4NPtYAnyf8RRSoXsv leon@leon"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIANupx+diz5N8sGZOc7ZXopyPh9HaML8M7Qh70aVVIaJ leon@leons-Air"
];
};
}