mirror of
https://github.com/kmein/niveum
synced 2026-03-16 18:21:07 +01:00
Kierán Meinhardt
d03c6bb0de
feat(zaatar): convert to flake feat(tahina, tabula): convert to flake feat(makanek): convert to flake feat(manakish, zaatar): convert to flake feat(ci): build flake systems fix: ci build feat: secrets via submodule foo foo foo
94 lines
2.3 KiB
Nix
94 lines
2.3 KiB
Nix
{
|
|
pkgs,
|
|
config,
|
|
lib,
|
|
...
|
|
}: let
|
|
inherit (import ../lib) sshPort kieran;
|
|
externalNetwork = import ../lib/external-network.nix;
|
|
sshIdentity = name: "${config.users.users.me.home}/.ssh/${name}";
|
|
ssh-passphrase = lib.strings.fileContents <system-secrets/ssh/passphrase>;
|
|
in {
|
|
/*
|
|
TODO how do I do this?
|
|
services.xserver.displayManager.sessionCommands = toString (pkgs.writeScript "ssh-add" ''
|
|
#!${pkgs.expect}/bin/expect -f
|
|
spawn ${pkgs.openssh}/bin/ssh-add
|
|
expect "Enter passphrase for *:"
|
|
send "${ssh-passphrase}\n";
|
|
expect "Identity added: *"
|
|
interact
|
|
'');
|
|
*/
|
|
|
|
programs.ssh.startAgent = true;
|
|
|
|
users.users.me.openssh.authorizedKeys.keys = kieran.sshKeys pkgs;
|
|
|
|
home-manager.users.me.programs.ssh = {
|
|
enable = true;
|
|
matchBlocks = rec {
|
|
"github.com" = {
|
|
hostname = "ssh.github.com";
|
|
port = 443;
|
|
};
|
|
zaatar = {
|
|
hostname = "zaatar.r";
|
|
user = "root";
|
|
port = sshPort;
|
|
};
|
|
makanek = {
|
|
hostname = externalNetwork.makanek;
|
|
user = "root";
|
|
port = sshPort;
|
|
};
|
|
ful = {
|
|
hostname = externalNetwork.ful;
|
|
user = "root";
|
|
port = sshPort;
|
|
};
|
|
tahina = {
|
|
hostname = "tahina.r";
|
|
user = "root";
|
|
port = sshPort;
|
|
};
|
|
tabula = {
|
|
hostname = "tabula.r";
|
|
user = "root";
|
|
port = sshPort;
|
|
};
|
|
manakish = {
|
|
hostname = "manakish.r";
|
|
user = "kfm";
|
|
port = sshPort;
|
|
};
|
|
kabsa = {
|
|
hostname = "kabsa.r";
|
|
user = "kfm";
|
|
port = sshPort;
|
|
};
|
|
"nextcloud.fysi.dev" = {
|
|
hostname = "116.203.82.203";
|
|
user = "root";
|
|
};
|
|
"lingua.miaengiadina.ch" = {
|
|
hostname = "135.181.85.233";
|
|
user = "root";
|
|
};
|
|
"cms-dev.woc2023.app".identityFile = sshIdentity "fysiweb";
|
|
"cms-master.woc2023.app".identityFile = sshIdentity "fysiweb";
|
|
"fysi-dev1" = {
|
|
hostname = "94.130.229.139";
|
|
user = "root";
|
|
identityFile = sshIdentity "fysiweb";
|
|
};
|
|
${fysi-dev1.hostname} = fysi-dev1;
|
|
"fysi-shared0" = {
|
|
hostname = "49.12.205.235";
|
|
user = "root";
|
|
identityFile = sshIdentity "fysiweb";
|
|
};
|
|
};
|
|
};
|
|
}
|