sops -> pass : add syncoid ssh key

2024-05-31 22:02:52 +02:00 · 2024-05-31 22:02:52 +02:00 · 63aa6f5831
parent 88a791d708
commit 63aa6f5831
2 changed files with 11 additions and 2 deletions
--- a/flake.nix
+++ b/flake.nix
@ -206,6 +206,15 @@
          _module.args.self = self;
          _module.args.inputs = self.inputs;
        }
+        # ssh keys
+        ({ config, ... }: {
+          users.users.root.openssh.authorizedKeys.keyFiles = [
+          # master key
+            ./nixos/assets/ssh/palo_rsa.pub
+            # backup key
+            "${config.clanCore.clanDir}/machines/chungus/facts/syncoid.ssh.id_ed25519.pub"
+          ];
+        })
        # configure nix
        ({ pkgs, ... }:
          {
--- a/nixos/machines/chungus/sync-syncoid.nix
+++ b/nixos/machines/chungus/sync-syncoid.nix
@ -1,4 +1,4 @@
-{ config, ... }:
+{ pkgs, config, ... }:
 {

  clanCore.facts.services.syncoid = {
@ -7,7 +7,7 @@
    generator.path = with pkgs; [ coreutils openssh ];
    generator.script = ''
      ssh-keygen -t ed25519 -N "" -f $secrets/syncoid.ssh.id_ed25519
-      mv $secrets/ssh.id_ed25519.pub $facts/syncoid.ssh.id_ed25519.pub
+      mv $secrets/syncoid.ssh.id_ed25519.pub $facts/syncoid.ssh.id_ed25519.pub
    '';
  };