alex/nixos-configs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

backwards: Add secrets for ssh machine (root) key

Browse Source
This commit is contained in:
Alexander Heldt
2024-08-15 15:12:48 +02:00
parent 385cb1dd7d
commit c580c07786
4 changed files with 36 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
hosts/backwards/modules/ssh/default.nix
View File

@@ -1,6 +1,8 @@
{ lib, config, ... }:
let
enabled = config.mod.ssh.enable;
rootSSHKeyPath = "/etc/ssh";
in
{
options = {
@@ -20,6 +22,11 @@ in
openssh = {
enable = true;
ports = [ 1122 ];
hostKeys = [{
path = "${rootSSHKeyPath}/root.backwards";
type = "ed25519";
}];
};
};
@@ -28,5 +35,16 @@ in
allowedTCPPorts = [ 1122 ];
};
};
age.secrets = {
"root.backwards" = {
file = ../../../../secrets/backwards/root.backwards.age;
path = "${rootSSHKeyPath}/root.backwards";
};
"root.backwards.pub" = {
file = ../../../../secrets/backwards/root.backwards.pub.age;
path = "${rootSSHKeyPath}/root.backwards.pub";
};
};
};
}