diff --git a/sshKeys/alka_alkpc b/sshKeys/alka_alkpc deleted file mode 100644 index 9aaa77e..0000000 --- a/sshKeys/alka_alkpc +++ /dev/null @@ -1 +0,0 @@ -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDEQgWigEHjD8AGv4Omzm7q3pNk3V0ycvLnsiJkt0TB2 alka@alkpc diff --git a/sshKeys/xun_nixdesk b/sshKeys/xun_nixdesk deleted file mode 100644 index 798dfec..0000000 --- a/sshKeys/xun_nixdesk +++ /dev/null @@ -1 +0,0 @@ -ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKqW5ZkBV2XCdF/ZhwC1DOfrgiLxCC2ym6BO7miHi05M xun@nixdesk diff --git a/sys/profiles/core/deploy.nix b/sys/profiles/core/deploy.nix index ad99c59..4aa6bf4 100644 --- a/sys/profiles/core/deploy.nix +++ b/sys/profiles/core/deploy.nix @@ -1,6 +1,6 @@ { lib, - self, + vars, ... }: { nix.settings.trusted-users = ["deploy"]; # trust closures created by our user @@ -18,9 +18,10 @@ password = lib.mkForce null; passwordFile = lib.mkForce null; - openssh.authorizedKeys.keyFiles = [ - (self + /sshKeys/xun_nixdesk) - (self + /sshKeys/alka_alkpc) + openssh.authorizedKeys.keys = with vars.sshKeys; [ + xun_nixdesk + xun_redmi + alka_alkpc ]; }; } diff --git a/sys/profiles/core/users.nix b/sys/profiles/core/users.nix index f9a0f2b..cb645eb 100644 --- a/sys/profiles/core/users.nix +++ b/sys/profiles/core/users.nix @@ -1,4 +1,8 @@ -{pkgs, ...}: { +{ + pkgs, + vars, + ... +}: { users.users.xun = { isNormalUser = true; initialPassword = "nixos"; @@ -12,5 +16,10 @@ "render" "audio" ]; + + openssh.authorizedKeys.keys = with vars.sshKeys; [ + xun_nixdesk + xun_redmi + ]; }; } diff --git a/vars/default.nix b/vars/default.nix index eb7b6af..3db8b6b 100644 --- a/vars/default.nix +++ b/vars/default.nix @@ -1,3 +1,8 @@ { domain = "xunuwu.xyz"; + sshKeys = { + xun_nixdesk = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKqW5ZkBV2XCdF/ZhwC1DOfrgiLxCC2ym6BO7miHi05M xun@nixdesk"; + xun_redmi = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIK2FOrgCLSoewCnDH01SmRqsCb7cR3CA6AcULrlV+180 xun@redmi"; + alka_alkpc = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDEQgWigEHjD8AGv4Omzm7q3pNk3V0ycvLnsiJkt0TB2 alka@alkpc"; + }; }