♻️ [shared] Move domain to common file

♻️ [shared] Refactor ssh config to be dynamic
2025-05-19 21:51:12 +02:00 · 2025-05-19 21:42:29 +02:00
4 changed files with 35 additions and 30 deletions
--- a/flake.nix
+++ b/flake.nix
@ -74,15 +74,18 @@
          hostName = "desktop";
          system = "x86_64-linux";
          nvidia.enable = true;
+          ssh.publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMSzXyTuQyTrWsfORQbvgrqt/33+hfSUDXeMg6D1T2wz";
        }
        {
          hostName = "thinkpad";
          system = "x86_64-linux";
+          ssh.publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILNlHKE/BD8kKfhJD7GBk1A3whZf3gTjk9VEgGAj3qsH";
        }
        {
          hostName = "pi4";
          system = "aarch64-linux";
          wayland.enable = false;
+          ssh.publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJE9m7YiITe1sDqSZ7Pa8luIw3WToLsypixZEqE4wCQE";
        }
        # TODO Homelab config
      ];
@ -126,6 +129,7 @@
                  theme
                  lib
                  systemConfig
+                  systems
                  ;
                isDarwin = false;
              };
--- a/hosts/pi4/caddy.nix
+++ b/hosts/pi4/caddy.nix
@ -1,5 +1,6 @@
+{ common, ... }:
 let
-  domain = "martials.no";
+  domain = common.domain;
 in
 {
  services.caddy = {
--- a/shared/common.nix
+++ b/shared/common.nix
@ -13,6 +13,8 @@ rec {
    pictures = "${dir.home}/Pictures";
  };

+  domain = "martials.no";
+
  keymaps = {
    layout = "gb,no";
    options = "grp:alt_shift_toggle"; # Toggle using ALT + SHIFT
--- a/shared/modules/security/ssh.nix
+++ b/shared/modules/security/ssh.nix
@ -1,33 +1,31 @@
-# /nix/store/<hash>/etc/ssh/ssh_config
-{ systemConfig, ... }:
-
+# /nix/store/<hash>/etc/ssh/ssh_config & /nix/store/<hash>/etc/ssh/authorized_keys
 {
-  programs.ssh.knownHosts =
-    let
-      domain = "dns.martials.no";
-    in
+  systemConfig,
+  systems,
+  common,
+  ...
+}:
+with builtins;
+let
+  domain = "dns.${common.domain}";
+  allSystems = systems ++ [
    {
-      desktop = {
-        extraHostNames = [ "desktop.${domain}" ];
-        publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMSzXyTuQyTrWsfORQbvgrqt/33+hfSUDXeMg6D1T2wz";
-      };
-      thinkpad = {
-        extraHostNames = [ "thinkpad.${domain}" ];
-        publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILNlHKE/BD8kKfhJD7GBk1A3whZf3gTjk9VEgGAj3qsH";
-      };
-      pi4 = {
-        extraHostNames = [ "pi4.${domain}" ];
-        publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJE9m7YiITe1sDqSZ7Pa8luIw3WToLsypixZEqE4wCQE";
-      };
-      homelab = {
-        extraHostNames = [ "homelab.${domain}" ];
-        publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIARDv5nRlfPDXdV+Db4FaqeSJZ3/3MO0frYGzuVeqYAl";
-      };
-    };
-  users.users.${systemConfig.username}.openssh.authorizedKeys.keys = [
-    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMSzXyTuQyTrWsfORQbvgrqt/33+hfSUDXeMg6D1T2wz"
-    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILNlHKE/BD8kKfhJD7GBk1A3whZf3gTjk9VEgGAj3qsH"
-    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJE9m7YiITe1sDqSZ7Pa8luIw3WToLsypixZEqE4wCQE"
-    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIARDv5nRlfPDXdV+Db4FaqeSJZ3/3MO0frYGzuVeqYAl"
+      hostName = "homelab";
+      ssh.publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIARDv5nRlfPDXdV+Db4FaqeSJZ3/3MO0frYGzuVeqYAl";
+    }
  ];
+in
+{
+  programs.ssh.knownHosts = listToAttrs (
+    map (system: {
+      name = system.hostName;
+      value = {
+        extraHostNames = [ "${system.hostName}.${domain}" ];
+        publicKey = system.ssh.publicKey;
+      };
+    }) allSystems
+  );
+  users.users.${systemConfig.username}.openssh.authorizedKeys.keys = (
+    map (system: system.ssh.publicKey) allSystems
+  );
 }
Author	SHA1	Message	Date
Martin Berg Alstad	882c42a093	♻️ [shared] Move domain to common file	2025-05-19 21:51:12 +02:00
Martin Berg Alstad	c6fcb7b6b8	♻️ [shared] Refactor ssh config to be dynamic	2025-05-19 21:42:29 +02:00