tadpole: Move secrets in ssh module

2024-07-29 10:24:55 +02:00
parent 339229bdb0
commit 020eb70f1f
1 changed files with 20 additions and 20 deletions
--- a/hosts/tadpole/modules/ssh/default.nix
+++ b/hosts/tadpole/modules/ssh/default.nix
@@ -35,26 +35,6 @@ in
      '';
    };

-    age.secrets = {
-      "alex.pinwheel-tadpole.pub" = {
-        file = ../../../../secrets/pinwheel/alex.pinwheel-tadpole.pub.age;
-        path = "${authorizedKeysPath}/alex.pinwheel-tadpole.pub";
-      };
-
-      "alex.tadpole-codeberg.org" = {
-        file = ../../../../secrets/tadpole/alex.tadpole-codeberg.org.age;
-        path = "/home/alex/.ssh/alex.tadpole-codeberg.org";
-        owner = "alex";
-        group = "users";
-      };
-      "alex.tadpole-codeberg.org.pub" = {
-        file = ../../../../secrets/tadpole/alex.tadpole-codeberg.org.pub.age;
-        path = "/home/alex/.ssh/alex.tadpole-codeberg.org.pub";
-        owner = "alex";
-        group = "users";
-      };
-    };
-
    services = {
      openssh = {
        enable = true;
@@ -80,5 +60,25 @@ in
        allowedTCPPorts = [ 1122 ];
      };
    };
+
+    age.secrets = {
+      "alex.pinwheel-tadpole.pub" = {
+        file = ../../../../secrets/pinwheel/alex.pinwheel-tadpole.pub.age;
+        path = "${authorizedKeysPath}/alex.pinwheel-tadpole.pub";
+      };
+
+      "alex.tadpole-codeberg.org" = {
+        file = ../../../../secrets/tadpole/alex.tadpole-codeberg.org.age;
+        path = "/home/alex/.ssh/alex.tadpole-codeberg.org";
+        owner = "alex";
+        group = "users";
+      };
+      "alex.tadpole-codeberg.org.pub" = {
+        file = ../../../../secrets/tadpole/alex.tadpole-codeberg.org.pub.age;
+        path = "/home/alex/.ssh/alex.tadpole-codeberg.org.pub";
+        owner = "alex";
+        group = "users";
+      };
+    };
  };
 }