commit c0d4cd289f6fd6727d6df907eecad2d627034623 · aylac.top/nixcfg-own-knot

+4 -1

modules/nixos/profiles/base/default.nix

···

       65
        
             openssh = {

     

       66
        
               enable = true;

     

       67
        
               openFirewall = true;

     

       68
       -
               settings.PasswordAuthentication = false;

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       69
        
             };

     

       70
        
           };

     

       71

···

       65
        
             openssh = {

     

       66
        
               enable = true;

     

       67
        
               openFirewall = true;

     

       68
       +
               settings = {

     

       69
       +
                 PasswordAuthentication = false;

     

       70
       +
                 PubkeyAuthentication = true;

     

       71
       +
               };

     

       72
        
             };

     

       73
        
           };

     

       74

+6 -1

modules/snippets/ssh/knownHosts.nix

···

       14
        
               publicKeyFile = "${self.inputs.secrets}/publicKeys/root_morgana.pub";

     

       15
        
             };

     

       16
        
       

     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       0
        
       
     

       17
        
             nanpi = {

     

       18
       -
               hostNames = ["nanpi" "nanpi.local" "nanpi.$config.mySnippets.tailnet.name}"];

     

       19
        
               publicKeyFile = "${self.inputs.secrets}/publicKeys/root_nanpi.pub";

     

       20
        
             };

     

       21

···

       14
        
               publicKeyFile = "${self.inputs.secrets}/publicKeys/root_morgana.pub";

     

       15
        
             };

     

       16
        
       

     

       17
       +
             ayla_morgana = {

     

       18
       +
               hostNames = ["morgana" "morgana.local" "morgana.${config.mySnippets.tailnet.name}"];

     

       19
       +
               publicKeyFile = "${self.inputs.secrets}/publicKeys/ayla_morgana.pub";

     

       20
       +
             };

     

       21
       +
       

     

       22
        
             nanpi = {

     

       23
       +
               hostNames = ["nanpi" "nanpi.local" "nanpi.${config.mySnippets.tailnet.name}"];

     

       24
        
               publicKeyFile = "${self.inputs.secrets}/publicKeys/root_nanpi.pub";

     

       25
        
             };

     

       26

+1 -1

modules/users/ayla/default.nix

···

       14
        
       

     

       15
        
             openssh.authorizedKeys.keyFiles =

     

       16
        
               lib.map (file: "${self.inputs.secrets}/publicKeys/${file}")

     

       17
       -
               (lib.filter (file: lib.hasPrefix "ayla_" file)

     

       18
        
                 (builtins.attrNames (builtins.readDir "${self.inputs.secrets}/publicKeys")));

     

       19
        
       

     

       20
        
             uid = 1000;

···

       14
        
       

     

       15
        
             openssh.authorizedKeys.keyFiles =

     

       16
        
               lib.map (file: "${self.inputs.secrets}/publicKeys/${file}")

     

       17
       +
               (lib.filter (file: (lib.hasPrefix "ayla_" file) || (lib.hasPrefix "root_morgana" file))

     

       18
        
                 (builtins.attrNames (builtins.readDir "${self.inputs.secrets}/publicKeys")));

     

       19
        
       

     

       20
        
             uid = 1000;