🚀 add ssh module

This commit is contained in:
Moritz Böhme 2022-11-03 21:03:36 +01:00
parent 5c0752b891
commit 4b08e874b7
Signed by: moritz
GPG key ID: 970C6E89EB0547A9
5 changed files with 65 additions and 3 deletions

View file

@ -81,6 +81,10 @@ with lib; {
logseq.enable = true; logseq.enable = true;
python.enable = true; python.enable = true;
rofi.enable = true; rofi.enable = true;
ssh = {
enable = true;
includeSecrets = [ ../../secrets/ssh-home.age ];
};
spotify.enable = true; spotify.enable = true;
thunar.enable = true; thunar.enable = true;
zathura.enable = true; zathura.enable = true;

View file

@ -25,6 +25,7 @@
./python.nix ./python.nix
./rofi ./rofi
./spotify.nix ./spotify.nix
./ssh.nix
./sway.nix ./sway.nix
./thunar.nix ./thunar.nix
./vim.nix ./vim.nix

39
modules/programs/ssh.nix Normal file
View file

@ -0,0 +1,39 @@
{ config
, lib
, pkgs
, ...
}:
with lib;
let
cfg = config.my.programs.ssh;
baseName = path: removeSuffix ".age" (baseNameOf path);
in
{
options.my.programs.ssh = {
enable = mkEnableOption "ssh";
includeSecrets = mkOption {
default = [ ];
type = with types; listOf path;
};
};
config =
mkIf cfg.enable
{
age.secrets = listToAttrs (map
(path: {
name = baseName path;
value = {
file = path;
owner = "1000";
};
})
cfg.includeSecrets);
home-manager.users.moritz.programs.ssh = {
enable = true;
includes = map (path: "/run/agenix/" + baseName path) cfg.includeSecrets;
};
};
}

View file

@ -11,10 +11,11 @@ let
all = users ++ hosts; all = users ++ hosts;
in in
{ {
"github.age".publicKeys = all;
"home-vpn-password.age".publicKeys = all;
"home-vpn.age".publicKeys = all;
"nordvpn.age".publicKeys = all; "nordvpn.age".publicKeys = all;
"spotifyd.age".publicKeys = all; "spotifyd.age".publicKeys = all;
"home-vpn.age".publicKeys = all; "ssh-home.age".publicKeys = all;
"home-vpn-password.age".publicKeys = all;
"github.age".publicKeys = all;
"uni-vpn.age".publicKeys = all; "uni-vpn.age".publicKeys = all;
} }

17
secrets/ssh-home.age Normal file
View file

@ -0,0 +1,17 @@
age-encryption.org/v1
-> ssh-ed25519 CjuqfA wMWvHzKojsGU5q8ElLz2IiwI0NvWZN6rPLL8nvIu9xE
n0FjkxhJTOaG7RF6MEzaAz9ZWiP1trQHdNiaPCc5aCo
-> ssh-ed25519 QRYDmg ChVNe6JXbocNnJnO0Y7XVrW0Tic5V5aIWuxGiG6pXnw
FIDIKw6K0Y+WY5GJV262KTayMwxPCCBXMqXXMQruCPI
-> ssh-ed25519 wG6LYg X/hbVXUoJNAkrgGz5MtyMjYRtBkF+FERXsRg1t8lFio
x7zWga14+MZKbTQxRhoQjeBvuQOoG/uF6ZOW2XSgm/g
-> ssh-ed25519 ZYd7Zg 2ONwuLBf5b3SrCdH+8ZiebO7KBqfKjan1Sw+LX/oTQ4
bk6LwwvZ/i5UCxUakWA9J4MUT+3ENWMGAZyXpHRFMNI
-> ssh-ed25519 as9VYQ H2i5xdWKf96tzdmTOZ0PHZciuZgSHSYTNxbvcQ3PzDs
LRwILXh0IzTJrXJf2xa97m8cBV6KuvjDPWdeNTRZNdw
-> G(S/7!"#-grease 0y 81:sY?B
r6URopooo8jE5fqfSgjBHWrwDVMa0IwklhiWXsbMzgzBhac8DSDiGMEfXxKAFDFV
GTFSR0sZoA
--- QLqXqFiqJnIc1aMFvU0Giexu9m6E2ESU6kVpiu/vD5I
ƈv.“}Ÿrcdnqùüö7 ¶Ò|“nÍþ“Œ<E2809C>A4H<34><15>ú†±³Ì¿PÀ…êó¯ùÐø4íÆÇ~
8Ìm%¸ÿ꥟p'™diœ<69>µ9å7>ªr¿<72>¸˜KüeaxDž7²CtÉGlsæEðv÷<76>Å”I‡Èc |¡C‡w±6ÍG%˜þ,%y¸æTñí…×á­µÀÞ8