diff options
| author | quentin@aristote.fr <quentin@aristote.fr> | 2025-10-18 11:26:21 +0200 |
|---|---|---|
| committer | quentin@aristote.fr <quentin@aristote.fr> | 2025-10-18 11:34:57 +0200 |
| commit | 25f53f34cbc0fcb8917a0c0d217288b39f951bbe (patch) | |
| tree | a45e442b0044a36e68b86199bd23154cf1bdcd95 | |
| parent | 95ac93362b3e1f2cc1c9bcabd8293869298cadcb (diff) | |
nixos: add db of ssh public keys
| -rw-r--r-- | modules/nixos/personal/default.nix | 18 | ||||
| -rw-r--r-- | modules/nixos/personal/user.nix | 6 |
2 files changed, 20 insertions, 4 deletions
diff --git a/modules/nixos/personal/default.nix b/modules/nixos/personal/default.nix index cab4a97..735f9af 100644 --- a/modules/nixos/personal/default.nix +++ b/modules/nixos/personal/default.nix @@ -1,4 +1,4 @@ -{ ... }: +{ lib, ... }: { imports = [ ./boot.nix @@ -11,4 +11,20 @@ ./system.nix ./user.nix ]; + + options.personal.lib.publicKeys.ssh = lib.mkOption { + type = with lib.types; attrsOf str; + default = { }; + example = { + machine = "ssh-ed25519 AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA user@domain"; + }; + description = "Known SSH public keys."; + }; + + config.personal.lib.publicKeys.ssh = { + latitude-7490 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK4wGbl3++lqCjLUhoRyABBrVEeNhIXYO4371srkRoyq qaristote@latitude-7490"; + precision-3571 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEvPsKWQXX/QsFQjJU0CjG4LllvUVZme45d9JeS/yhLt qaristote@precision-3571"; + dragonfly-g4 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICT+jPcQhtBu4jxNAn54PV2TJ5krCfFnbXsR3OHk72l8 qaristote@dragonfly-g4"; + optiplex-9030 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDh2W0Nv76Nnw8TNysOkxVDZpnW0VEptq4u4Rask6zoO qaristote@optiplex-9030"; + }; } diff --git a/modules/nixos/personal/user.nix b/modules/nixos/personal/user.nix index 29a35cb..ea0ce8c 100644 --- a/modules/nixos/personal/user.nix +++ b/modules/nixos/personal/user.nix @@ -26,9 +26,9 @@ in users.users."${cfg.name}" = { isNormalUser = true; extraGroups = [ "wheel" ] ++ lib.optional config.networking.networkmanager.enable "networkmanager"; - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK4wGbl3++lqCjLUhoRyABBrVEeNhIXYO4371srkRoyq qaristote@latitude-7490" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEvPsKWQXX/QsFQjJU0CjG4LllvUVZme45d9JeS/yhLt qaristote@precision-3571" + openssh.authorizedKeys.keys = with config.personal.lib.publicKeys.ssh; [ + latitude-7490 + precision-3571 ]; }; |