voronind/nix
0
0
Fork 0
Code Issues 40 Pull requests Packages Projects Releases Wiki Activity

Secret : Move sshd trusted keys to secret part.

Browse source
This commit is contained in:
Dmitry Voronin 2024-04-09 04:52:17 +03:00
parent f0bd0ba56b
commit 7b20a0429c
3 changed files with 14 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
flake.nix
View file

@ -159,6 +159,7 @@
flake = self; flake = self;
inputs = inputs; inputs = inputs;
key = import ./part/Key.nix {}; key = import ./part/Key.nix {};
secret = import ./part/Secret.nix {};
setting = import ./part/Setting.nix {}; setting = import ./part/Setting.nix {};
style = import ./part/Style.nix { config = config; }; style = import ./part/Style.nix { config = config; };
util = import ./part/Util.nix { pkgs = pkgs; }; util = import ./part/Util.nix { pkgs = pkgs; };
@ -279,6 +280,7 @@
flake = self; flake = self;
inputs = inputs; inputs = inputs;
key = import ./part/Key.nix {}; key = import ./part/Key.nix {};
secret = import ./part/Secret.nix {};
setting = import ./part/Setting.nix {}; setting = import ./part/Setting.nix {};
style = import ./part/Style.nix { config = import ./part/style/Gruvbox.nix {}; }; style = import ./part/Style.nix { config = import ./part/style/Gruvbox.nix {}; };
util = import ./part/Util.nix { pkgs = pkgs; }; util = import ./part/Util.nix { pkgs = pkgs; };

11
module/common/Sshd.nix
View file

@ -1,12 +1,5 @@
{ ... }: { { secret, ... }: {
users.users.root.openssh.authorizedKeys.keys = [ users.users.root.openssh.authorizedKeys.keys = secret.ssh.trustedKeys;
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEuuw5ek5wGB9KdBhCTxjV+CBpPU6RIOynHkFYC4dau3 root@dasha"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGIf192IxsksM6u8UY+eqpHopebgV+NNq2G03ssdXIgz root@desktop"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJSWdbkYsRiDlKu8iT/k+JN4KY08iX9qh4VyqxlpEZcE root@home"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFgiYKFkMfiGOZCZIk+O7LtaoF6A3cHEFCqaPwXOM4rR root@work"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDBL5NAm8S97EtfB/7DPf5Xl3Cqi3PlSO1V0m7fknNzz root@laptop"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIL2LI1iFDZC223aWqBVz9yusfB/XrRwsBKiL5warIF/ nix-on-droid@phone"
];
services.openssh = { services.openssh = {
enable = true; enable = true;
allowSFTP = true; allowSFTP = true;

10
part/Secret.nix Normal file
View file

@ -0,0 +1,10 @@
{ ... }: {
ssh.trustedKeys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEuuw5ek5wGB9KdBhCTxjV+CBpPU6RIOynHkFYC4dau3 root@dasha"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGIf192IxsksM6u8UY+eqpHopebgV+NNq2G03ssdXIgz root@desktop"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJSWdbkYsRiDlKu8iT/k+JN4KY08iX9qh4VyqxlpEZcE root@home"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFgiYKFkMfiGOZCZIk+O7LtaoF6A3cHEFCqaPwXOM4rR root@work"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDBL5NAm8S97EtfB/7DPf5Xl3Cqi3PlSO1V0m7fknNzz root@laptop"
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIL2LI1iFDZC223aWqBVz9yusfB/XrRwsBKiL5warIF/ nix-on-droid@phone"
];
}