jawz/NixOS
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ssh config

Browse Source
This commit is contained in:
Danilo Reyes 2025-09-27 15:56:36 -06:00
parent a9b9063ee1
commit 8cd5e390cf
3 changed files with 74 additions and 54 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
config/home-manager.nix
View File

@ -6,7 +6,18 @@
}: }:
{ {
home.stateVersion = "23.05"; home.stateVersion = "23.05";
programs.bash = programs = {
direnv = {
enable = true;
enableBashIntegration = true;
nix-direnv.enable = true;
};
git = {
enable = true;
userName = "Danilo Reyes";
userEmail = "CaptainJawZ@protonmail.com";
};
bash =
let let
inherit (pkgs) fd fzf; inherit (pkgs) fd fzf;
inherit (inputs.jawz-scripts.packages.x86_64-linux) pokemon-colorscripts; inherit (inputs.jawz-scripts.packages.x86_64-linux) pokemon-colorscripts;
@ -45,6 +56,7 @@
export command_timeout=60 export command_timeout=60
''; '';
}; };
};
xdg = { xdg = {
enable = true; enable = true;
userDirs = { userDirs = {
@ -60,16 +72,4 @@
}; };
configFile.wgetrc.text = "hsts-file=\${XDG_CACHE_HOME}/wget-hsts"; configFile.wgetrc.text = "hsts-file=\${XDG_CACHE_HOME}/wget-hsts";
}; };
programs = {
direnv = {
enable = true;
enableBashIntegration = true;
nix-direnv.enable = true;
};
git = {
enable = true;
userName = "Danilo Reyes";
userEmail = "CaptainJawZ@protonmail.com";
};
};
} }

28
config/jawz.nix
View File

@ -1,6 +1,10 @@
{ config, lib, ... }: { config, lib, ... }:
let let
inherit (config.networking) hostName; inherit (config.networking) hostName;
nixosHosts =
lib.attrNames config.my.ips
|> lib.filter (name: !(lib.hasPrefix "wg-" name) && name != "vps" && name != "router" && name != hostName);
nixosHostsMatch = lib.concatStringsSep " " nixosHosts;
in in
{ {
sops.secrets = sops.secrets =
@ -15,16 +19,32 @@ in
in in
{ {
jawz-password.neededForUsers = true; jawz-password.neededForUsers = true;
"private_keys/age" = keyConfig "${baseDir}_age";
"public_keys/age" = keyConfig "${baseDir}_age.pub";
"private_keys/${hostName}" = keyConfig "${baseDir}_${hostName}"; "private_keys/${hostName}" = keyConfig "${baseDir}_${hostName}";
"git_private_keys/${hostName}" = keyConfig "${baseDir}_git"; "git_private_keys/${hostName}" = keyConfig "${baseDir}_git";
"syncthing_keys/${hostName}" = keyConfig ".config/syncthing/key.pem"; "syncthing_keys/${hostName}" = keyConfig ".config/syncthing/key.pem";
"syncthing_certs/${hostName}" = keyConfig ".config/syncthing/cert.pem"; "syncthing_certs/${hostName}" = keyConfig ".config/syncthing/cert.pem";
"syncthing_password".sopsFile = ../secrets/keys.yaml; "syncthing_password".sopsFile = ../secrets/keys.yaml;
}; };
home-manager.users.jawz = {
home-manager.users.jawz.home.file.".librewolf/.stignore".source = ../dotfiles/stignore; home.file.".librewolf/.stignore".source = ../dotfiles/stignore;
programs.ssh = {
enable = true;
matchBlocks = {
vps = {
hostname = config.my.ips.vps;
user = "fedora";
port = 3456;
identityFile = config.sops.secrets."private_keys/${hostName}".path;
};
"${nixosHostsMatch}" = {
user = "jawz";
identityFile = config.sops.secrets."private_keys/${hostName}".path;
};
"${config.my.servers.gitea.host} github.com gitlab.com bitbucket.org".identityFile =
config.sops.secrets."git_private_keys/${hostName}".path;
};
};
};
services.syncthing = { services.syncthing = {
enable = true; enable = true;
user = "jawz"; user = "jawz";

2
flake.nix
View File

@ -99,7 +99,7 @@
workstation = createConfig "workstation" inputs.nixpkgs; workstation = createConfig "workstation" inputs.nixpkgs;
miniserver = createConfig "miniserver" inputs.nixpkgs-small; miniserver = createConfig "miniserver" inputs.nixpkgs-small;
server = createConfig "server" inputs.nixpkgs-small; server = createConfig "server" inputs.nixpkgs-small;
galaxy = createConfig "galaxy" inputs.nixpkgs-small;
}; };
packages.${system} = (jawz-scripts.packages.${system} or { }); packages.${system} = (jawz-scripts.packages.${system} or { });
devShells.${system} = builtins.listToAttrs ( devShells.${system} = builtins.listToAttrs (