aboutsummaryrefslogtreecommitdiff
path: root/colmena
diff options
context:
space:
mode:
authorsefidel <contact@sefidel.net>2023-02-02 18:47:44 +0900
committersefidel <contact@sefidel.net>2023-02-02 18:47:44 +0900
commitc551a417940f9c66b4346c5813c2550f06269380 (patch)
tree969ee5bb2f179db027ea8ef935f70d94ceb086dd /colmena
parentcf86cf37ea7413471b9c4461f4816206a305e7b9 (diff)
downloadnixrc-c551a417940f9c66b4346c5813c2550f06269380.zip
feat(colmena/cobalt): use impermanence
Diffstat (limited to 'colmena')
-rw-r--r--colmena/cobalt/configuration.nix17
-rw-r--r--colmena/default.nix1
2 files changed, 15 insertions, 3 deletions
diff --git a/colmena/cobalt/configuration.nix b/colmena/cobalt/configuration.nix
index b3d05b9..e115859 100644
--- a/colmena/cobalt/configuration.nix
+++ b/colmena/cobalt/configuration.nix
@@ -109,11 +109,22 @@ in
users.users.root.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDi7GGOGVj1Y5Sc1EW6zEdrp78dS6hvmS348pqu9dUsB openpgp:0x6BE7BD6F" ];
services.openssh.enable = true;
services.openssh.permitRootLogin = "prohibit-password";
-
- nix.nixPath = [
- "nixos-config=/persist/etc/nixos"
+ # mkdir -p /persist/etc/ssh
+ services.openssh.hostKeys = [
+ {
+ path = "/persist/ssh/ssh_host_ed25519_key";
+ type = "ed25519";
+ }
+ {
+ path = "/persist/ssh/ssh_host_rsa_key";
+ type = "rsa";
+ bits = 4096;
+ }
];
+ # impermanence requirement
+ fileSystems."/persist".neededForBoot = true;
+
# This value determines the NixOS release from which the default
# settings for stateful data, like file locations and database versions
# on your system were taken. It‘s perfectly fine and recommended to leave
diff --git a/colmena/default.nix b/colmena/default.nix
index 2fa7bc6..99945e6 100644
--- a/colmena/default.nix
+++ b/colmena/default.nix
@@ -17,6 +17,7 @@
cobalt = self.lib.mkColmena {
name = "cobalt";
system = "x86_64-linux";
+ inputs = inputs;
deployment = {
targetHost = "cobalt.sefidel.com";
targetPort = 22;
generated by cgit v1.2.3 (git 2.25.1) at 2026-03-11 00:03:03 +0000