daniel/dotfiles
1
0
Fork 0
Code Activity Actions

ssh: Manage some public keys via nix

Browse source
This commit is contained in:
Daniel Kempkens 2022-08-01 00:23:56 +02:00
parent 4fc1ed07f3
commit 0f65cfde49
2 changed files with 21 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
home/programs/ssh.nix
View file

@ -1,8 +1,11 @@
{ pkgs, config, ... }:
let
auth-socket = "${config.home.homeDirectory}/.ssh/1password.sock";
signers-directory = "${config.home.homeDirectory}/.ssh/allowed_signers";
ssh-directory = "${config.home.homeDirectory}/.ssh";
ssh-keys = import ../../system/shared/ssh-keys.nix;
auth-socket = "${ssh-directory}/1password.sock";
signers-directory = "${ssh-directory}/allowed_signers";
in
{
home.packages = [ pkgs.openssh ];
@ -109,8 +112,15 @@ in
home.sessionVariables.SSH_AUTH_SOCK = "${auth-socket}";
home.file."${signers-directory}" = {
home.file = {
"${ssh-directory}/GitHub.pub".text = ssh-keys.GitHub;
"${ssh-directory}/GitLab.pub".text = ssh-keys.GitLab;
"${ssh-directory}/Hetzner.pub".text = ssh-keys.Hetzner;
"${ssh-directory}/LAN.pub".text = ssh-keys.LAN;
"${signers-directory}" = {
source = ../config/ssh/allowed_signers;
recursive = true;
};
};
}

6
system/shared/ssh-keys.nix
View file

@ -1,3 +1,9 @@
{
GitHub = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJFK1Jyr4jiHn8o/NN5rJMe21uRJ+6EnWtVyV5xogf14";
GitLab = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCjYM7ZqxRUp+gmqH37/y5FAT1ewZZyP+SrCYHVNGSS5nHzmgSAneocTl/H5/WiMUFtxy54VbdtOCtCe2my4nmvQfODD0Eepfo9V8S3tZOFzVpyH6S/mve/VgFfuQT2T8Cq85FQkdikD/mJztikbXPgx5frdq856ze4UXeZFyqaGyPxfN2x5iC5qKAoXJ6tuSn2MdhyqpVg0S8CKvWkaQJmcXIVR6VRGL6VssXJQh0ZGVYEEhJZ6rErpgbfiuXiQVw3x6DWzg9OuO/mUo+ot3y35YmrtV0Ad03SULp72cRoks7htiHzRIZPYsle1C4XL73MhNFR+rJTpd5RSz9qAMoPIYvNclEKmnRkuVk9npl9fLvazQQtwzD6V4W87UQJ/mpShT587cH0yjQFZYO1h2w5b1o23iGUbGwcse6MqSPiXb37z+Ua2itJM0d8Za7hxS8mFmbsg1lGK0/KyzkzRlajEtVA/ky33nknSbRuq6G5We0Fz8MwMYKIvb3Ib4QELJrh2zaUrqI7nUZEx16YbzmtAuhR0komeqER4n0rNKoLUNvNwFV6i8AqSeK4xJiQdNAIRBTGws5HkPJrlDodgmQJWpGGMUo8b8DGUL9yg/Jj+fZxjrXsdwgwnV3OW5s2WZmoKRM0Fp7Yz0S/a9qBjLTRUeJtEDVCmwfQFoTDghRxVw==";
Hetzner = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDTRKrX0wVWoauI+dSfFpKIr7qwh8imrp1OVlxWyCuFssZI2o6chmRBZq4EbOkVvfdgdOGJ4hTSwQOTwusZVrZHwxtinusX5c2M3HMrhMvLFAYh2vKrvP5UZBTA/7laenSM6uLGxrM2CNc+G8ryAyY7dLoU2xaXiqgcfC6MaU/leTMTXWH5fHvqUk2pxI4ihObTGiDE5kvvFbv3AhFFtcMmkzdHN1vlVp8olKG0lYOLM9O3PpVGJtiOTA2Z9YuTC44iH984HPmk3KkJsK/PZFI1d4K7oW7298w44pszElGwjIW0GyB7X4qo6yOxsq1OsL/c7T9VHWVw3na2QvAJODBNM8rYGMACo8oSEThRsi1hhXPe7MhLPqwhn3OHbbofupbqk7WpKVaMLrO7793DgNatPNhGgbz9WtVCC65YPY3De3sowsh4M4u0HC5lRg0IgjBMgUjMAHWqcxytYRUKPRrdKbcaoOoMquMnja+bcLfHxVOkcLMgEfzPtjxgZCvenUsy0Q73dwxAtJx73xscMZUWb/LbkLWoOzAh3jjyjIeZeT8ZyIOhfcgoxLFE4Ik7eIiszEg0xQ7jXzR+K3RL+2O93RvNTvc5WaDVypiL6Zics30EZAYMYtBoY69a1PxeJ42sLp3O35QNFbwfN4cnsx9YXgvUmTcwCijU/LbvNAgl2Q==";
LAN = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDrF80S1XX9KDHxJpm3gJsYQOCPAcrkOHK3rWrNGTegWB9wcjYQyKcuFyA+E2o3czx+lCDbDMjJOTS8L7RNBShEKxFDENqfNSpPrpCzw0MX5qhzF0CYhgMjgnPZK3qjdR+5424y3rK90mrOxWHuRtTM+Lm0GQUaOr/HMDq69JLNlPdI+Ww2hHx1PyzS30zKaHnFFRdEcdsQAY2dhEoh6J06XD8q8yRb2aNsDzDcXzNlkZl1K6FE0qqEsuLSF0cYJuXZh3anE3+AzL7NSj/nL33WInEEjmbib46K8lPXzG0P3LDcx/roPslgr0IAxFHOoCb32CO/mN6raaPBrb+eHwBCaE2nLDIaxPXRQO/gxYW7Qk1Q7AkuH/ytdNreE/4QfsUjCXQd4gWLYTh+WVIJDMC7sX+xsCAGQzGe3UVXkUp//6Ye9BA3fquhpSl8He/0MZqj051q53eEuwnA6OnIjmVFtz/4X3lMUwLxBs9yzn+LDmFUMB6Q6RcmzwQz5+ErwVLPm+/Jbzbwpp6JdyTwDjEd7BMPz0Xm2/41XAsUTYY7H8OnFDjQSzIQiSLCQU5tQeCP09zuyx1Dv2nPr08RW1wT4Jpquk9tut4smEsyLDrFA7ijRsS+1TYx9cDEXujheCxqLmuNZhBLEiscBChZMxcyzBG1Yktm/kepKAWEvWqz7w==";
}