From b3caff8ae617ef8a3a432452f2b1e65196fb0441 Mon Sep 17 00:00:00 2001
From: Ingolf Wagner <contact@ingolf-wagner.de>
Date: Mon, 1 May 2023 15:46:51 +0200
Subject: [PATCH] chungus: take care of remote unlock

---
 flake.lock                                           | 8 ++++----
 nixos/components/network/sshd/known-hosts-bootup.nix | 4 ++++
 nixos/machines/chungus/configuration.nix             | 8 ++++----
 3 files changed, 12 insertions(+), 8 deletions(-)

diff --git a/flake.lock b/flake.lock
index a2363b8..4f13c1a 100644
--- a/flake.lock
+++ b/flake.lock
@@ -847,11 +847,11 @@
     },
     "private_assets": {
       "locked": {
-        "lastModified": 1680777934,
-        "narHash": "sha256-/rwZWwylNzgZwVfaH0qgxOXurfWEK/kXzN2C+a1psCI=",
+        "lastModified": 1682948724,
+        "narHash": "sha256-hTSiqRTpKuPksq5vsAO0pIuHdYIaL5EGrmN0T6C3oog=",
         "ref": "refs/heads/main",
-        "rev": "3dfb08abebc5ac3fea1882c63598bea48b783fcd",
-        "revCount": 9,
+        "rev": "84460fabef41115fa12323c9eaf89abfbe76f22f",
+        "revCount": 10,
         "type": "git",
         "url": "file:///home/palo/dev/nixos/nixos-private-assets"
       },
diff --git a/nixos/components/network/sshd/known-hosts-bootup.nix b/nixos/components/network/sshd/known-hosts-bootup.nix
index cfe91af..2c3b29c 100644
--- a/nixos/components/network/sshd/known-hosts-bootup.nix
+++ b/nixos/components/network/sshd/known-hosts-bootup.nix
@@ -8,6 +8,10 @@ let
       # SHA256:aOZbqpgc5CcTNtRAzjuG/0BQZ9MF5c9u/N+UC88y8kI
       publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB5K4UHD8cIcXB33UiOj5vyXJj+4CyyiLFDMwcyad92a";
     };
+    chungus = {
+      onionId = fileContents "${private_assets}/onion_id_chungus";
+      publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHJpPfGAiARWgZbID+2IIT9dbo/PqgG/pkFsBaBUKGiu";
+    };
 
   };
 
diff --git a/nixos/machines/chungus/configuration.nix b/nixos/machines/chungus/configuration.nix
index f35f7c2..30e11db 100644
--- a/nixos/machines/chungus/configuration.nix
+++ b/nixos/machines/chungus/configuration.nix
@@ -51,10 +51,10 @@
 
   # todo : rename to component.init.ssh
   # todo : make tor optional
-  #configuration.init-ssh = {
-  #  enable = "prepared";
-  #  kernelModules = [ "e1000e" ];
-  #};
+  configuration.init-ssh = {
+    enable = "enabled";
+    kernelModules = [ "e1000e" ];
+  };
 
   # just enable lan
   #networking.dhcpcd.allowInterfaces = [ "enp0s25" ];