refactor: store SSH public key through agenix

This commit is contained in:
Kiana Sheibani 2024-08-03 02:03:41 -04:00
parent 0eae8f32ae
commit 6319c69950
Signed by: toki
GPG key ID: 6CB106C25E86A9F7
3 changed files with 15 additions and 2 deletions

View file

@ -27,7 +27,7 @@
users.mutableUsers = false;
users.users.root = {
hashedPassword = "$y$j9T$bEfEX118OZZ58ypi4/D4F/$c1yDUO7hW7WnD5eGj..ZXieELAwUoSPHL4DIsDl6T.6";
openssh.authorizedKeys.keyFiles = [ ./ssh/authorized_keys ];
openssh.authorizedKeys.keys = [ (import secrets/secrets.nix).publicKey ];
};
networking.firewall.allowedTCPPorts = [ 22 80 443 ];

14
secrets/secrets.nix Normal file
View file

@ -0,0 +1,14 @@
let
publicKey =
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDemOeWGP40M495KAuylZfRHXKKr9av0QH" +
"YjQwuG5EKzoy+KH0EAtBM3MbDLX5+bCd4O4oB9H/ZWxDZFfaitTPf1nrBMA89GWAxiGwVT3" +
"U2kQL2KUIP9rXjH/KLwocqnqsljRka1McF0mijtpMhNR0jpXAOfZboHFWRE07kRacvXmhkl" +
"tcJhXiCGMYmUfFT/HroxSgV+1BM9csYItzHlHFhoB2laEQOoTE5jLxkTkqZ55W0V9QUlM1N" +
"830fvhv9z/I6PQcIPXttB4nm+339r2qA3qncRkF7j0+JIXbUkIxK7nQhv25EyFUS8WplnI7" +
"mbb2T9JWVeLsAO24WrAApbPxmu+ItKq003Qi4a/0+v6D2PCXm+YoxJlM5aHh8FZdXoIhMv7" +
"6j3lk0P0sN9Sr09gjoWkV+/rSN+3ZLCJBGS5a3LpBk3HC2ZP/mvfsd1LTDhYQBJSW0LiBZO" +
"5aRuKZrTbyY9+i75cTWjnJuvZyBDn3giSYMiVhIAcZg5dU0ySG4M28= kiana@kiana-laptop";
in
{
inherit publicKey;
}

View file

@ -1 +0,0 @@
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDemOeWGP40M495KAuylZfRHXKKr9av0QHYjQwuG5EKzoy+KH0EAtBM3MbDLX5+bCd4O4oB9H/ZWxDZFfaitTPf1nrBMA89GWAxiGwVT3U2kQL2KUIP9rXjH/KLwocqnqsljRka1McF0mijtpMhNR0jpXAOfZboHFWRE07kRacvXmhkltcJhXiCGMYmUfFT/HroxSgV+1BM9csYItzHlHFhoB2laEQOoTE5jLxkTkqZ55W0V9QUlM1N830fvhv9z/I6PQcIPXttB4nm+339r2qA3qncRkF7j0+JIXbUkIxK7nQhv25EyFUS8WplnI7mbb2T9JWVeLsAO24WrAApbPxmu+ItKq003Qi4a/0+v6D2PCXm+YoxJlM5aHh8FZdXoIhMv76j3lk0P0sN9Sr09gjoWkV+/rSN+3ZLCJBGS5a3LpBk3HC2ZP/mvfsd1LTDhYQBJSW0LiBZO5aRuKZrTbyY9+i75cTWjnJuvZyBDn3giSYMiVhIAcZg5dU0ySG4M28= kiana@kiana-laptop