alex/nixos-configs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
cfce2cf63882db3a1434171f937712a3f004cf61
nixos-configs/hosts/backwards/modules/ssh/default.nix
Alexander Heldt a8a91841e7 backwards: Add secrets for codeberg.org
2024-08-15 19:26:15 +02:00

71 lines
1.6 KiB
Nix
Raw Blame History

{ lib, config, ... }:
let
enabled = config.mod.ssh.enable;
rootSSHKeyPath = "/etc/ssh";
in
{
options = {
mod.ssh = {
enable = lib.mkEnableOption "enable ssh module";
};
};
config = lib.mkIf enabled {
home-manager.users.alex = {
programs.ssh = {
enable = true;
matchBlocks = {
"codeberg.org" = {
hostname = "codeberg.org";
identityFile = "/home/alex/.ssh/alex.backwards-codeberg.org";
};
};
};
};
services = {
openssh = {
enable = true;
ports = [ 1122 ];
hostKeys = [{
path = "${rootSSHKeyPath}/root.backwards";
type = "ed25519";
}];
};
};
networking = {
firewall = {
allowedTCPPorts = [ 1122 ];
};
};
age.secrets = {
"root.backwards" = {
file = ../../../../secrets/backwards/root.backwards.age;
path = "${rootSSHKeyPath}/root.backwards";
};
"root.backwards.pub" = {
file = ../../../../secrets/backwards/root.backwards.pub.age;
path = "${rootSSHKeyPath}/root.backwards.pub";
};
"alex.backwards-codeberg.org" = {
file = ../../../../secrets/backwards/alex.backwards-codeberg.org.age;
path = "/home/alex/.ssh/alex.backwards-codeberg.org";
owner = "alex";
group = "users";
};
"alex.backwards-codeberg.org.pub" = {
file = ../../../../secrets/backwards/alex.backwards-codeberg.org.pub.age;
path = "/home/alex/.ssh/alex.backwards-codeberg.org.pub";
owner = "alex";
group = "users";
};
};
};
}
Reference in New Issue View Git Blame Copy Permalink