sam
/
nixos
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

modified home ssh to be user specific

This commit is contained in:
Sam 2024-05-25 20:26:55 +01:00
parent efa11640e8
commit 5b942d4708
7 changed files with 55 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
flake.lock
View File

@ -228,11 +228,11 @@
"nix-secrets": {
"flake": false,
"locked": {
"lastModified": 1716469326,
"narHash": "sha256-Y/oaOb0bR3VECHznlAh16DpTqDy54Ldhvupu9AOqF6E=",
"lastModified": 1716659471,
"narHash": "sha256-Wh43usJoW7JQnO1ZnPgg4ivHCXzGkMd2KswV9MeniUo=",
"ref": "refs/heads/master",
"rev": "be937cfd892ca1a027982f2a94f6b035623353c7",
"revCount": 33,
"rev": "72490bd6af1c40712577bf2d5f96927bd557a6a7",
"revCount": 34,
"type": "git",
"url": "ssh://git@git.bitlab21.com/sam/nix-secrets.git"
},

1
home/common/core/default.nix
View File

@ -2,6 +2,5 @@
{
imports = [
./zsh.nix
./ssh.nix
] ;
}

13
home/common/core/ssh.nix
View File

@ -1,13 +0,0 @@
{ config, pkgs, ... }:
{
programs.ssh = {
enable = true;
matchBlocks = {
"git.bitlab21.com" = {
identitiesOnly = true;
identityFile = "~/.ssh/deploy_key-ssh-ed25519";
};
};
};
}

12
home/users/media/default.nix
View File

@ -9,9 +9,19 @@
inputs.impermanence.nixosModules.home-manager.impermanence
] ++ (builtins.attrValues outputs.homeManagerModules); # import all homeManagerModules?
programs.ssh = {
enable = true;
matchBlocks = {
"git.bitlab21.com" = {
identitiesOnly = true;
identityFile = [ "~/.ssh/deploy_key-ssh-ed25519" ];
};
};
};
xdg.userDirs = {
enable = true;
createDirectories = false;
createDirectories = true;
desktop = "/home/media/Desktop";
documents = null;
download = "/home/media/Downloads";

10
home/users/sam/default.nix
View File

@ -21,6 +21,16 @@
".icons/bibata".source = "${pkgs.bibata-cursors}/share/icons/Bibata-Modern-Classic";
};
programs.ssh = {
enable = true;
matchBlocks = {
"git.bitlab21.com" = {
identitiesOnly = true;
identityFile = [ "~/.ssh/id_ed25519"];
};
};
};
home.sessionPath = [
];

30
hosts/common/users/media/default.nix
View File

@ -44,21 +44,21 @@ in
};
};
sops.secrets."passwords/${username}" = {
sopsFile = "${secretsFile}";
neededForUsers = true;
};
sops.secrets."ssh_keys/${username}/id_ed25519" = {
path = "/home/${username}/.ssh/id_ed25519";
mode = "0600";
owner = "${username}";
};
sops.secrets."ssh_keys/${username}/id_ed25519.pub" = {
path = "/home/${username}/.ssh/id_ed25519.pub";
mode = "0644";
owner = "${username}";
sops.secrets = {
"passwords/${username}" = {
sopsFile = "${secretsFile}";
neededForUsers = true;
};
"ssh_keys/${username}/id_ed25519" = {
path = "/home/${username}/.ssh/id_ed25519";
mode = "0600";
owner = "${username}";
};
"ssh_keys/${username}/id_ed25519.pub" = {
path = "/home/${username}/.ssh/id_ed25519.pub";
mode = "0644";
owner = "${username}";
};
};
services.flatpak.enable = true;

18
hosts/common/users/sam/default.nix
View File

@ -23,9 +23,21 @@ in
};
sops.secrets."passwords/${username}" = {
sopsFile = "${secretsFile}";
neededForUsers = true;
sops.secrets = {
"passwords/${username}" = {
sopsFile = "${secretsFile}";
neededForUsers = true;
};
"ssh_keys/${username}/id_ed25519" = {
path = "/home/${username}/.ssh/id_ed25519";
mode = "0600";
owner = "${username}";
};
"ssh_keys/${username}/id_ed25519.pub" = {
path = "/home/${username}/.ssh/id_ed25519.pub";
mode = "0644";
owner = "${username}";
};
};
programs.zsh.enable = true;