diff options
| author | sefidel <contact@sefidel.net> | 2023-02-15 00:20:13 +0900 |
|---|---|---|
| committer | sefidel <contact@sefidel.net> | 2023-02-15 00:20:13 +0900 |
| commit | dd34ba371aeb5a17960a58d418007a5083279957 (patch) | |
| tree | 1dd19c1f528446f02f8360b540408d6a2b380ee6 | |
| parent | f2166db444cbacbc2c49c95fcd6981f0774e5a7f (diff) | |
| download | nixrc-dd34ba371aeb5a17960a58d418007a5083279957.zip | |
feat(nixos/alpha): use FHS dir for ssh
| -rw-r--r-- | nixos/alpha/configuration.nix | 13 | ||||
| -rw-r--r-- | nixos/default.nix | 4 |
2 files changed, 7 insertions, 10 deletions
diff --git a/nixos/alpha/configuration.nix b/nixos/alpha/configuration.nix index 8e366e2..b549885 100644 --- a/nixos/alpha/configuration.nix +++ b/nixos/alpha/configuration.nix @@ -113,16 +113,9 @@ services.openssh.enable = true; services.openssh.settings.passwordAuthentication = false; - services.openssh.hostKeys = [ - { - path = "/persist/ssh/ssh_host_ed25519_key"; - type = "ed25519"; - } - { - path = "/persist/ssh/ssh_host_rsa_key"; - type = "rsa"; - bits = 4096; - } + + environment.persistence."/persist".directories = [ + "/etc/ssh" ]; sound.enable = false; diff --git a/nixos/default.nix b/nixos/default.nix index f894772..33bf06d 100644 --- a/nixos/default.nix +++ b/nixos/default.nix @@ -9,6 +9,7 @@ ./modules/security.nix ./modules/cachix inputs.sops-nix.nixosModules.sops + inputs.impermanence.nixosModules.impermanence ]; }; @@ -26,5 +27,8 @@ name = "kompakt"; system = "aarch64-linux"; nixpkgs = unstable-small; + extraModules = [ + inputs.sops-nix.nixosModules.sops + ]; }; } |