From c551a417940f9c66b4346c5813c2550f06269380 Mon Sep 17 00:00:00 2001
From: sefidel <contact@sefidel.net>
Date: Thu, 2 Feb 2023 18:47:44 +0900
Subject: feat(colmena/cobalt): use impermanence

---
 colmena/cobalt/configuration.nix | 17 ++++++++++++++---
 colmena/default.nix              |  1 +
 2 files changed, 15 insertions(+), 3 deletions(-)

(limited to 'colmena')

diff --git a/colmena/cobalt/configuration.nix b/colmena/cobalt/configuration.nix
index b3d05b9..e115859 100644
--- a/colmena/cobalt/configuration.nix
+++ b/colmena/cobalt/configuration.nix
@@ -109,11 +109,22 @@ in
   users.users.root.openssh.authorizedKeys.keys = [ "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDi7GGOGVj1Y5Sc1EW6zEdrp78dS6hvmS348pqu9dUsB openpgp:0x6BE7BD6F" ];
   services.openssh.enable = true;
   services.openssh.permitRootLogin = "prohibit-password";
-
-  nix.nixPath = [
-    "nixos-config=/persist/etc/nixos"
+  # mkdir -p /persist/etc/ssh
+  services.openssh.hostKeys = [
+    {
+      path = "/persist/ssh/ssh_host_ed25519_key";
+      type = "ed25519";
+    }
+    {
+      path = "/persist/ssh/ssh_host_rsa_key";
+      type = "rsa";
+      bits = 4096;
+    }
   ];
 
+  # impermanence requirement
+  fileSystems."/persist".neededForBoot = true;
+
   # This value determines the NixOS release from which the default
   # settings for stateful data, like file locations and database versions
   # on your system were taken. It‘s perfectly fine and recommended to leave
diff --git a/colmena/default.nix b/colmena/default.nix
index 2fa7bc6..99945e6 100644
--- a/colmena/default.nix
+++ b/colmena/default.nix
@@ -17,6 +17,7 @@
   cobalt = self.lib.mkColmena {
     name = "cobalt";
     system = "x86_64-linux";
+    inputs = inputs;
     deployment = {
       targetHost = "cobalt.sefidel.com";
       targetPort = 22;
-- 
cgit 1.4.1