simon/nixos-config
simon/nixos-config
1
1
Fork 0
Code Issues 8 Pull requests Actions Projects Activity
nixos-config/modules/ssh.nix
Simon Bruder 4f536a00d2
Switch home domain to shinonome-lab.de 
When having DNSSEC activated (as it is the case on sbruder.de), dnsmasq
interfering in queries for hosts on the LAN often causes problems.

This domain is specifically for the case of not having DNSSEC on it.
2023-10-27 23:54:56 +02:00

80 lines
3.5 KiB
Nix
Raw Blame History

{ config, lib, ... }:
{
services.openssh = {
enable = true;
settings = {
PermitRootLogin = "yes";
PasswordAuthentication = false;
};
};
users.users.root.openssh.authorizedKeys.keys = config.sbruder.pubkeys.trustedKeys;
programs.ssh.knownHosts = {
"[git.sbruder.de]:2022".publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINV/2NbmkWuOs/RyULTex1MkLaKrrDJFj8piX2CR+ms/";
"[personal.storagebox.sbruder.de]:23" = {
hostNames = [ "[personal.storagebox.sbruder.de]:23" ] ++ map (id: "[u313368${lib.optionalString (id != 0) "-sub${toString id}"}.your-storagebox.de]:23") (lib.range 0 100);
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIICf9svRenC/PLKIL9nk6K/pxQgoiFC41wTNvoIncOxs";
};
hitagi = {
hostNames = [ "hitagi" "hitagi.lan.shinonome-lab.de" "hitagi.vpn.sbruder.de" ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIg/622wS8SFlzS29TPW9li3pNdbdHNjlGb4XTyXR0QR";
};
# TODO: replace with vueko!
vueko = {
hostNames = [ "vueko.sbruder.de" "vueko.vpn.sbruder.de" ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIG8lKcWxMBM52BiwZLNf/iRywiRIZyMV4jyoHnoOL/2a root@vueko";
};
vueko-initrd = {
hostNames = [ "[vueko.sbruder.de]:2222" ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDWuJy00S4eoLsuu29HR/T1RkFs4ujqe5e4tFiEINcWn vueko";
};
fuuko = {
hostNames = [ "fuuko" "fuuko.lan.shinonome-lab.de" "fuuko.sbruder.de" "fuuko.vpn.sbruder.de" ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMIrUqI2CZh2ipzDNVCTNdBen8IdhbddgwQzEMWoQzNB";
};
fuuko-initrd = {
hostNames = [ "[fuuko.lan.shinonome-lab.de]:2222" ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJxqaJgDOZ8FdY68o/r1YNlGvNatFtP86QoqV147g3Lb";
};
mayushii = {
hostNames = [ "mayushii" "mayushii.lan.shinonome-lab.de" "maushii.vpn.sbruder.de" ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKa53rGEQtBYyjGspeS8x2OZFPjLpFgm2C7+lttEKm60";
};
renge = {
hostNames = [ "renge" "renge.sbruder.de" "renge.vpn.sbruder.de" ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIObwSrDWwZOkHBzxn9+ftigWN0uUnWrtVaQpPUsYdIB9";
};
renge-initrd = {
hostNames = [ "[renge.sbruder.de]:2222" ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE5HmxGDJO1jkVoUdiKEC3yXrkJ1ZWn4FurGyt2UgzYu";
};
nunotaba = {
hostNames = [ "nunotaba" "nunotaba.lan.shinonome-lab.de" "nunotaba.vpn.sbruder.de" ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHUEVBJcEibRdQzp0bDXpPqLGQ8vtQTKTcpGZU07W4eo";
};
okarin = {
hostNames = [ "okarin" "okarin.sbruder.xyz" "okarin.vpn.sbruder.de" ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOaev8K5KhRovW75IdZ0HYlzvxxo0haeCM0xCVEOuDSa";
};
okarin-initrd = {
hostNames = [ "[okarin.sbruder.de]:2222" ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINJbp0kZJEXf1gSVcBsef1Bihd5iCzhzSbjgyrC1SXXT";
};
shinobu = {
hostNames = [ "shinobu" "shinobu.lan.shinonome-lab.de" "shinobu.vpn.sbruder.de" ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJJNZPT2Mmys2nw/ovX6Z1Cb4WDAaWBWanycNwF9IEjl";
};
nazuna = {
hostNames = [ "nazuna" "nazuna.sbruder.de" "nazuna.vpn.sbruder.de" ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMCdrgQuomT1YDXCguxSpyn0ovegcpBjZ+kOhukIr9n/";
};
nazuna-initrd = {
hostNames = [ "[nazuna.sbruder.de]:2222" ];
publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIN/VDiagTEI5BIjTrPRkGWAH3YurcMEV8i6Q8PSnxlg3";
};
};
}
Reference in a new issue View git blame Copy permalink