ssh config
This commit is contained in:
parent
a9b9063ee1
commit
8cd5e390cf
@ -6,7 +6,18 @@
|
||||
}:
|
||||
{
|
||||
home.stateVersion = "23.05";
|
||||
programs.bash =
|
||||
programs = {
|
||||
direnv = {
|
||||
enable = true;
|
||||
enableBashIntegration = true;
|
||||
nix-direnv.enable = true;
|
||||
};
|
||||
git = {
|
||||
enable = true;
|
||||
userName = "Danilo Reyes";
|
||||
userEmail = "CaptainJawZ@protonmail.com";
|
||||
};
|
||||
bash =
|
||||
let
|
||||
inherit (pkgs) fd fzf;
|
||||
inherit (inputs.jawz-scripts.packages.x86_64-linux) pokemon-colorscripts;
|
||||
@ -45,6 +56,7 @@
|
||||
export command_timeout=60
|
||||
'';
|
||||
};
|
||||
};
|
||||
xdg = {
|
||||
enable = true;
|
||||
userDirs = {
|
||||
@ -60,16 +72,4 @@
|
||||
};
|
||||
configFile.wgetrc.text = "hsts-file=\${XDG_CACHE_HOME}/wget-hsts";
|
||||
};
|
||||
programs = {
|
||||
direnv = {
|
||||
enable = true;
|
||||
enableBashIntegration = true;
|
||||
nix-direnv.enable = true;
|
||||
};
|
||||
git = {
|
||||
enable = true;
|
||||
userName = "Danilo Reyes";
|
||||
userEmail = "CaptainJawZ@protonmail.com";
|
||||
};
|
||||
};
|
||||
}
|
||||
|
||||
@ -1,6 +1,10 @@
|
||||
{ config, lib, ... }:
|
||||
let
|
||||
inherit (config.networking) hostName;
|
||||
nixosHosts =
|
||||
lib.attrNames config.my.ips
|
||||
|> lib.filter (name: !(lib.hasPrefix "wg-" name) && name != "vps" && name != "router" && name != hostName);
|
||||
nixosHostsMatch = lib.concatStringsSep " " nixosHosts;
|
||||
in
|
||||
{
|
||||
sops.secrets =
|
||||
@ -15,16 +19,32 @@ in
|
||||
in
|
||||
{
|
||||
jawz-password.neededForUsers = true;
|
||||
"private_keys/age" = keyConfig "${baseDir}_age";
|
||||
"public_keys/age" = keyConfig "${baseDir}_age.pub";
|
||||
"private_keys/${hostName}" = keyConfig "${baseDir}_${hostName}";
|
||||
"git_private_keys/${hostName}" = keyConfig "${baseDir}_git";
|
||||
"syncthing_keys/${hostName}" = keyConfig ".config/syncthing/key.pem";
|
||||
"syncthing_certs/${hostName}" = keyConfig ".config/syncthing/cert.pem";
|
||||
"syncthing_password".sopsFile = ../secrets/keys.yaml;
|
||||
};
|
||||
|
||||
home-manager.users.jawz.home.file.".librewolf/.stignore".source = ../dotfiles/stignore;
|
||||
home-manager.users.jawz = {
|
||||
home.file.".librewolf/.stignore".source = ../dotfiles/stignore;
|
||||
programs.ssh = {
|
||||
enable = true;
|
||||
matchBlocks = {
|
||||
vps = {
|
||||
hostname = config.my.ips.vps;
|
||||
user = "fedora";
|
||||
port = 3456;
|
||||
identityFile = config.sops.secrets."private_keys/${hostName}".path;
|
||||
};
|
||||
"${nixosHostsMatch}" = {
|
||||
user = "jawz";
|
||||
identityFile = config.sops.secrets."private_keys/${hostName}".path;
|
||||
};
|
||||
"${config.my.servers.gitea.host} github.com gitlab.com bitbucket.org".identityFile =
|
||||
config.sops.secrets."git_private_keys/${hostName}".path;
|
||||
};
|
||||
};
|
||||
};
|
||||
services.syncthing = {
|
||||
enable = true;
|
||||
user = "jawz";
|
||||
|
||||
@ -99,7 +99,7 @@
|
||||
workstation = createConfig "workstation" inputs.nixpkgs;
|
||||
miniserver = createConfig "miniserver" inputs.nixpkgs-small;
|
||||
server = createConfig "server" inputs.nixpkgs-small;
|
||||
galaxy = createConfig "galaxy" inputs.nixpkgs-small;
|
||||
|
||||
};
|
||||
packages.${system} = (jawz-scripts.packages.${system} or { });
|
||||
devShells.${system} = builtins.listToAttrs (
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user