nixos-config/modules/ssh.nix

108 lines
4.7 KiB
Nix
Raw Normal View History

# SPDX-FileCopyrightText: 2020-2024 Simon Bruder <simon@sbruder.de>
#
# SPDX-License-Identifier: AGPL-3.0-or-later
2022-08-25 17:12:56 +02:00
{ config, lib, ... }:
2020-08-22 17:44:39 +02:00
{
services.openssh = {
enable = true;
settings = {
2023-05-30 11:35:13 +02:00
PermitRootLogin = "yes";
PasswordAuthentication = false;
};
2023-05-30 11:35:13 +02:00
};
2020-08-22 17:44:39 +02:00
2020-12-05 16:42:49 +01:00
users.users.root.openssh.authorizedKeys.keys = config.sbruder.pubkeys.trustedKeys;
2021-04-04 11:29:31 +02:00
programs.ssh.knownHosts = {
"[git.sbruder.de]:2022".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINV/2NbmkWuOs/RyULTex1MkLaKrrDJFj8piX2CR+ms/";
2022-08-25 17:12:56 +02:00
"[personal.storagebox.sbruder.de]:23" = {
hostNames = [ "[personal.storagebox.sbruder.de]:23" ] ++ map (id: "[u313368${lib.optionalString (id != 0) "-sub${toString id}"}.your-storagebox.de]:23") (lib.range 0 100);
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIICf9svRenC/PLKIL9nk6K/pxQgoiFC41wTNvoIncOxs";
};
2022-08-09 15:13:50 +02:00
2022-12-30 19:52:58 +01:00
hitagi = {
hostNames = [ "hitagi" "hitagi.lan.shinonome-lab.de" "hitagi.vpn.sbruder.de" ];
2021-04-04 11:29:31 +02:00
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIg/622wS8SFlzS29TPW9li3pNdbdHNjlGb4XTyXR0QR";
};
2023-04-27 21:08:38 +02:00
# TODO: replace with vueko!
2021-04-04 11:29:31 +02:00
vueko = {
hostNames = [ "vueko.sbruder.de" "vueko.vpn.sbruder.de" ];
2023-04-27 21:08:38 +02:00
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG8lKcWxMBM52BiwZLNf/iRywiRIZyMV4jyoHnoOL/2a root@vueko";
2021-04-04 11:29:31 +02:00
};
vueko-initrd = {
hostNames = [ "[vueko.sbruder.de]:2222" ];
2023-04-27 21:08:38 +02:00
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDWuJy00S4eoLsuu29HR/T1RkFs4ujqe5e4tFiEINcWn vueko";
2021-04-04 11:29:31 +02:00
};
fuuko = {
hostNames = [ "fuuko" "fuuko.lan.shinonome-lab.de" "fuuko.sbruder.de" "fuuko.vpn.sbruder.de" ];
2021-04-04 11:29:31 +02:00
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMIrUqI2CZh2ipzDNVCTNdBen8IdhbddgwQzEMWoQzNB";
};
fuuko-initrd = {
hostNames = [ "[fuuko.lan.shinonome-lab.de]:2222" ];
2021-04-04 11:29:31 +02:00
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJxqaJgDOZ8FdY68o/r1YNlGvNatFtP86QoqV147g3Lb";
};
2021-10-10 11:43:04 +02:00
mayushii = {
hostNames = [ "mayushii" "mayushii.lan.shinonome-lab.de" "maushii.vpn.sbruder.de" ];
2021-10-10 11:43:04 +02:00
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKa53rGEQtBYyjGspeS8x2OZFPjLpFgm2C7+lttEKm60";
};
2022-03-23 15:03:08 +01:00
renge = {
hostNames = [ "renge" "renge.sbruder.de" "renge.vpn.sbruder.de" ];
2023-12-31 12:54:51 +01:00
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINIiQsRVb6LOhHPihEYlFpVvbxX+VFRf/oqJe8tHv74G";
2022-03-23 15:03:08 +01:00
};
renge-initrd = {
hostNames = [ "[renge.sbruder.de]:2222" ];
2023-12-31 12:54:51 +01:00
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINEdcOhilZzOIBbZOBMa/N6jl9aL3jKJvq03R4Z1Hkmd";
2022-03-23 15:03:08 +01:00
};
2022-06-09 17:38:24 +02:00
nunotaba = {
hostNames = [ "nunotaba" "nunotaba.lan.shinonome-lab.de" "nunotaba.vpn.sbruder.de" ];
2022-06-09 17:38:24 +02:00
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHUEVBJcEibRdQzp0bDXpPqLGQ8vtQTKTcpGZU07W4eo";
};
2023-05-06 10:54:03 +02:00
okarin = {
hostNames = [ "okarin" "okarin.sbruder.de" "okarin.vpn.sbruder.de" ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJvRAiEAV0Oulii0w3xcHCb0/oHqpA0hz3bn//BQnR8T";
2023-05-06 10:54:03 +02:00
};
okarin-initrd = {
hostNames = [ "[okarin.sbruder.de]:2222" ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKOV+azRrT1zICmDe9D7bm3pOaFzaT+cVXCvxgY1bAbP";
2023-05-06 10:54:03 +02:00
};
2023-07-01 12:37:12 +02:00
shinobu = {
hostNames = [ "shinobu" "shinobu.lan.shinonome-lab.de" "shinobu.vpn.sbruder.de" ];
2023-07-01 12:37:12 +02:00
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJJNZPT2Mmys2nw/ovX6Z1Cb4WDAaWBWanycNwF9IEjl";
};
2023-10-04 15:15:54 +02:00
nazuna = {
hostNames = [ "nazuna" "nazuna.sbruder.de" "nazuna.vpn.sbruder.de" ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMCdrgQuomT1YDXCguxSpyn0ovegcpBjZ+kOhukIr9n/";
};
nazuna-initrd = {
hostNames = [ "[nazuna.sbruder.de]:2222" ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN/VDiagTEI5BIjTrPRkGWAH3YurcMEV8i6Q8PSnxlg3";
};
2024-01-02 23:26:46 +01:00
yuzuru = {
hostNames = [ "yuzuru" "yuzuru.sbruder.de" "yuzuru.vpn.sbruder.de" ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFXCG8Dck3bELx7NaKgDnFAUjO/o1iEnq0VT5dZ2P/+m";
};
yuzuru-initrd = {
hostNames = [ "[yuzuru.sbruder.de]:2222" ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAcvbbHSK7x9t0Jpr4L55RTC4WRNJIgKZ1B+99PhpSX8";
};
2024-05-11 21:14:17 +02:00
koyomi = {
hostNames = [ "koyomi" "koyomi.sbruder.de" "koyomi.vpn.sbruder.de" ];
2024-08-20 23:05:02 +02:00
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP6KAN4FJoCLciJ14W9dSbfsObc8GLIP/dhG5kHiHm8B";
2024-05-11 21:14:17 +02:00
};
koyomi-initrd = {
hostNames = [ "[koyomi.sbruder.de]:2222" ];
2024-08-20 23:05:02 +02:00
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGx8YpnM1pNBIbqkfYpUnSv8VZihBItHQpCrhZ8ixlK1";
2024-05-11 21:14:17 +02:00
};
2024-08-20 18:52:27 +02:00
ci-runner = {
hostNames = [ "ci-runner" "ci-runner.sbruder.de" ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHerI7UteS/Hb0XnxFGrox0VD92DJ0qc3PvCvgPjjTDp";
};
2024-05-18 15:48:01 +02:00
hiroshi = {
hostNames = [ "hiroshi" "hiroshi.sbruder.de" "hiroshi.vpn.sbruder.de" ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMpTtUcPbuoqflM55C50HG4oY6dHPMaaACaAQhGxkx8x";
};
2021-04-04 11:29:31 +02:00
};
2020-08-22 17:44:39 +02:00
}