✨ [shared] Added ssh config for desktop. Justfile to get pub ssh

justfile

@@ -69,6 +69,10 @@ generate-age-from-ssh:
 get-public-age-key:
     nix shell nixpkgs#age -c age-keygen -y ~/.config/sops/age/keys.txt
 
+# Get the public ssh key from the current user
+get-public-ssh-key:
+    cat ~/.ssh/id_ed25519.pub
+
 # Edit the SOPS secrets file
 edit-secrets:
     nix run nixpkgs#sops -- shared/secrets/secrets.yaml

shared/modules/security/default.nix

@@ -1,6 +1,7 @@
 {
   imports = [
     ./sops.nix
+    ./ssh.nix
     ./yubikey.nix
   ];
 

shared/modules/security/ssh.nix

@@ -0,0 +1,13 @@
+# /nix/store/<hash>/etc/ssh/ssh_config
+{
+  programs.ssh.knownHosts =
+    let
+      domain = "dns.martials.no";
+    in
+    {
+      desktop = {
+        extraHostNames = [ "desktop.${domain}" ];
+        publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMSzXyTuQyTrWsfORQbvgrqt/33+hfSUDXeMg6D1T2wz";
+      };
+    };
+}

shared/modules/users.nix

@@ -5,7 +5,7 @@ in
 {
   users.users.${username} = {
     isNormalUser = true;
-    hashedPasswordFile = config.sops.secrets.password.path;
+    hashedPasswordFile = config.sops.secrets.password-hash.path;
     description = username;
     extraGroups = [
       "networkmanager"