modified home ssh to be user specific
This commit is contained in:
parent
efa11640e8
commit
5b942d4708
|
@ -228,11 +228,11 @@
|
|||
"nix-secrets": {
|
||||
"flake": false,
|
||||
"locked": {
|
||||
"lastModified": 1716469326,
|
||||
"narHash": "sha256-Y/oaOb0bR3VECHznlAh16DpTqDy54Ldhvupu9AOqF6E=",
|
||||
"lastModified": 1716659471,
|
||||
"narHash": "sha256-Wh43usJoW7JQnO1ZnPgg4ivHCXzGkMd2KswV9MeniUo=",
|
||||
"ref": "refs/heads/master",
|
||||
"rev": "be937cfd892ca1a027982f2a94f6b035623353c7",
|
||||
"revCount": 33,
|
||||
"rev": "72490bd6af1c40712577bf2d5f96927bd557a6a7",
|
||||
"revCount": 34,
|
||||
"type": "git",
|
||||
"url": "ssh://git@git.bitlab21.com/sam/nix-secrets.git"
|
||||
},
|
||||
|
|
|
@ -2,6 +2,5 @@
|
|||
{
|
||||
imports = [
|
||||
./zsh.nix
|
||||
./ssh.nix
|
||||
] ;
|
||||
}
|
||||
|
|
|
@ -1,13 +0,0 @@
|
|||
{ config, pkgs, ... }:
|
||||
|
||||
{
|
||||
programs.ssh = {
|
||||
enable = true;
|
||||
matchBlocks = {
|
||||
"git.bitlab21.com" = {
|
||||
identitiesOnly = true;
|
||||
identityFile = "~/.ssh/deploy_key-ssh-ed25519";
|
||||
};
|
||||
};
|
||||
};
|
||||
}
|
|
@ -9,9 +9,19 @@
|
|||
inputs.impermanence.nixosModules.home-manager.impermanence
|
||||
] ++ (builtins.attrValues outputs.homeManagerModules); # import all homeManagerModules?
|
||||
|
||||
programs.ssh = {
|
||||
enable = true;
|
||||
matchBlocks = {
|
||||
"git.bitlab21.com" = {
|
||||
identitiesOnly = true;
|
||||
identityFile = [ "~/.ssh/deploy_key-ssh-ed25519" ];
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
xdg.userDirs = {
|
||||
enable = true;
|
||||
createDirectories = false;
|
||||
createDirectories = true;
|
||||
desktop = "/home/media/Desktop";
|
||||
documents = null;
|
||||
download = "/home/media/Downloads";
|
||||
|
|
|
@ -21,6 +21,16 @@
|
|||
".icons/bibata".source = "${pkgs.bibata-cursors}/share/icons/Bibata-Modern-Classic";
|
||||
};
|
||||
|
||||
programs.ssh = {
|
||||
enable = true;
|
||||
matchBlocks = {
|
||||
"git.bitlab21.com" = {
|
||||
identitiesOnly = true;
|
||||
identityFile = [ "~/.ssh/id_ed25519"];
|
||||
};
|
||||
};
|
||||
};
|
||||
|
||||
home.sessionPath = [
|
||||
];
|
||||
|
||||
|
|
|
@ -44,21 +44,21 @@ in
|
|||
};
|
||||
};
|
||||
|
||||
sops.secrets."passwords/${username}" = {
|
||||
sopsFile = "${secretsFile}";
|
||||
neededForUsers = true;
|
||||
};
|
||||
|
||||
sops.secrets."ssh_keys/${username}/id_ed25519" = {
|
||||
path = "/home/${username}/.ssh/id_ed25519";
|
||||
mode = "0600";
|
||||
owner = "${username}";
|
||||
};
|
||||
|
||||
sops.secrets."ssh_keys/${username}/id_ed25519.pub" = {
|
||||
path = "/home/${username}/.ssh/id_ed25519.pub";
|
||||
mode = "0644";
|
||||
owner = "${username}";
|
||||
sops.secrets = {
|
||||
"passwords/${username}" = {
|
||||
sopsFile = "${secretsFile}";
|
||||
neededForUsers = true;
|
||||
};
|
||||
"ssh_keys/${username}/id_ed25519" = {
|
||||
path = "/home/${username}/.ssh/id_ed25519";
|
||||
mode = "0600";
|
||||
owner = "${username}";
|
||||
};
|
||||
"ssh_keys/${username}/id_ed25519.pub" = {
|
||||
path = "/home/${username}/.ssh/id_ed25519.pub";
|
||||
mode = "0644";
|
||||
owner = "${username}";
|
||||
};
|
||||
};
|
||||
|
||||
services.flatpak.enable = true;
|
||||
|
|
|
@ -23,9 +23,21 @@ in
|
|||
|
||||
};
|
||||
|
||||
sops.secrets."passwords/${username}" = {
|
||||
sopsFile = "${secretsFile}";
|
||||
neededForUsers = true;
|
||||
sops.secrets = {
|
||||
"passwords/${username}" = {
|
||||
sopsFile = "${secretsFile}";
|
||||
neededForUsers = true;
|
||||
};
|
||||
"ssh_keys/${username}/id_ed25519" = {
|
||||
path = "/home/${username}/.ssh/id_ed25519";
|
||||
mode = "0600";
|
||||
owner = "${username}";
|
||||
};
|
||||
"ssh_keys/${username}/id_ed25519.pub" = {
|
||||
path = "/home/${username}/.ssh/id_ed25519.pub";
|
||||
mode = "0644";
|
||||
owner = "${username}";
|
||||
};
|
||||
};
|
||||
|
||||
programs.zsh.enable = true;
|
||||
|
|
Loading…
Reference in New Issue