2024-03-17 18:48:49 +00:00
|
|
|
{ config, pkgs, ... }:
|
|
|
|
{
|
2024-03-13 07:38:20 +00:00
|
|
|
services.openssh.enable = true;
|
2024-05-20 17:11:12 +00:00
|
|
|
services.openssh.settings.PasswordAuthentication = false;
|
2024-03-13 07:38:20 +00:00
|
|
|
|
2024-03-17 18:48:49 +00:00
|
|
|
services.openssh.hostKeys = [
|
|
|
|
{
|
2024-03-28 09:30:37 +00:00
|
|
|
path = config.clanCore.facts.services.openssh.secret."ssh.id_ed25519".path;
|
2024-03-17 18:48:49 +00:00
|
|
|
type = "ed25519";
|
|
|
|
}
|
|
|
|
];
|
2024-03-13 07:38:20 +00:00
|
|
|
|
2024-03-28 09:30:37 +00:00
|
|
|
clanCore.facts.services.openssh = {
|
|
|
|
secret."ssh.id_ed25519" = { };
|
|
|
|
public."ssh.id_ed25519.pub" = { };
|
2024-03-17 18:48:49 +00:00
|
|
|
generator.path = [
|
|
|
|
pkgs.coreutils
|
|
|
|
pkgs.openssh
|
|
|
|
];
|
2024-03-13 07:38:20 +00:00
|
|
|
generator.script = ''
|
|
|
|
ssh-keygen -t ed25519 -N "" -f $secrets/ssh.id_ed25519
|
|
|
|
mv $secrets/ssh.id_ed25519.pub $facts/ssh.id_ed25519.pub
|
|
|
|
'';
|
|
|
|
};
|
|
|
|
}
|