noe/nixos
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

make ssh keys referenced

Browse source
This commit is contained in:
41666 2023-12-23 01:41:56 -05:00
parent a5d5f9f74e
commit 4afe36edd2
4 changed files with 15 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
nixos/base.nix
View file

@ -36,6 +36,7 @@
programs.git.enable = true;
users.defaultUserShell = pkgs.fish;
users.users.root.openssh.authorizedKeys.keys = import ./users/noe-keys.nix;
services.openssh.enable = lib.mkDefault true;

5
nixos/templates/proxmox-lxc.nix
View file

@ -1,9 +1,12 @@
{ pkgs, config, modulesPath, ... }: {
imports = [
(modulesPath + "/virtualisation/proxmox-lxc.nix")
../../nixos/base.nix
];
system.stateVersion = "24.05";
users.users.root.openssh.authorizedKeys.keys = import ../users/noe-keys;
environment.systemPackages = with pkgs; [
bashInteractive
];

7
nixos/users/noe-keys.nix Normal file
View file

@ -0,0 +1,7 @@
{
default =
[
''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHrjnDY3hlN3cOCMBpcoh4GWdnG5nc9ZeOXJ7MtJVL3I''
''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBs6/s+973H28jOrvN0zr1eayT+thrs61l1qV7uFhw8I''
];
}

11
nixos/users/noe.nix
View file

@ -1,17 +1,12 @@
{ config, pkgs, ... }: {
users.users.noe = {
hashedPasswordFile = config.sops.secrets."users/noe/password".path;
#hashedPasswordFile = config.sops.secrets."users/noe/password".path;
isNormalUser = true;
extraGroups = [ "wheel" ];
shell = pkgs.fish;
openssh.authorizedKeys.keys = [
''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHrjnDY3hlN3cOCMBpcoh4GWdnG5nc9ZeOXJ7MtJVL3I''
''ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBs6/s+973H28jOrvN0zr1eayT+thrs61l1qV7uFhw8I''
];
openssh.authorizedKeys.keys = import ./noe-keys.nix;
};
users.users.root.openssh.authorizedKeys.keys = config.users.users.noe.openssh.authorizedKeys.keys;
environment.systemPackages = [ pkgs.nixos-rebuild ];
security.sudo.extraRules = [
{
@ -26,5 +21,5 @@
}
];
sops.secrets."users/noe/password".neededForUsers = true;
#sops.secrets."users/noe/password".neededForUsers = true;
}