From dd34ba371aeb5a17960a58d418007a5083279957 Mon Sep 17 00:00:00 2001
From: sefidel <contact@sefidel.net>
Date: Wed, 15 Feb 2023 00:20:13 +0900
Subject: feat(nixos/alpha): use FHS dir for ssh

---
 nixos/alpha/configuration.nix | 13 +++----------
 nixos/default.nix             |  4 ++++
 2 files changed, 7 insertions(+), 10 deletions(-)

(limited to 'nixos')

diff --git a/nixos/alpha/configuration.nix b/nixos/alpha/configuration.nix
index 8e366e2..b549885 100644
--- a/nixos/alpha/configuration.nix
+++ b/nixos/alpha/configuration.nix
@@ -113,16 +113,9 @@
 
   services.openssh.enable = true;
   services.openssh.settings.passwordAuthentication = false;
-  services.openssh.hostKeys = [
-    {
-      path = "/persist/ssh/ssh_host_ed25519_key";
-      type = "ed25519";
-    }
-    {
-      path = "/persist/ssh/ssh_host_rsa_key";
-      type = "rsa";
-      bits = 4096;
-    }
+
+  environment.persistence."/persist".directories = [
+    "/etc/ssh"
   ];
 
   sound.enable = false;
diff --git a/nixos/default.nix b/nixos/default.nix
index f894772..33bf06d 100644
--- a/nixos/default.nix
+++ b/nixos/default.nix
@@ -9,6 +9,7 @@
       ./modules/security.nix
       ./modules/cachix
       inputs.sops-nix.nixosModules.sops
+      inputs.impermanence.nixosModules.impermanence
     ];
   };
 
@@ -26,5 +27,8 @@
     name = "kompakt";
     system = "aarch64-linux";
     nixpkgs = unstable-small;
+    extraModules = [
+      inputs.sops-nix.nixosModules.sops
+    ];
   };
 }
-- 
cgit 1.4.1