[SSH] Add H4Git key

2023-09-21 16:53:34 +02:00 · 2023-09-21 16:53:34 +02:00 · 16789bd342
commit 16789bd342
parent 4b93c35270
3 changed files with 53 additions and 13 deletions
--- a/nixos/modules/utils/sops/default.nix
+++ b/nixos/modules/utils/sops/default.nix
@ -16,21 +16,29 @@
      # Generate new keys if the key specified above does not exist
      # generateKey = true;
    };
-    secrets = {
-      "H4G0/ssh" = {
-        format = "yaml";
-        sopsFile = ../../../secrets/H4G0.yaml;
-        owner = config.users.users.tdpeuter.name;
-      };
+    secrets =
+      let
+        user = config.users.users.tdpeuter.name;
+      in {
      "GitHub/ssh" = {
        format = "yaml";
        sopsFile = ../../../secrets/GitHub.yaml;
-        owner = config.users.users.tdpeuter.name;
+        owner = user;
      };
      "GitHub-UGent/ssh" = {
        format = "yaml";
        sopsFile = ../../../secrets/GitHub-UGent.yaml;
-        owner = config.users.users.tdpeuter.name;
+        owner = user;
+      };
+      "H4G0/ssh" = {
+        format = "yaml";
+        sopsFile = ../../../secrets/H4G0.yaml;
+        owner = user;
+      };
+      "H4Git/ssh" = {
+        format = "yaml";
+        sopsFile = ../../../secrets/H4Git.yaml;
+        owner = user;
      };
    };
  };
--- a/nixos/modules/utils/ssh/default.nix
+++ b/nixos/modules/utils/ssh/default.nix
@ -1,11 +1,6 @@
 { config, lib, pkgs, ... }:

 {
-  services.openssh = {
-    enable = true;
-    settings.PasswordAuthentication = false;
-  };
-
  home-manager.users.tdpeuter = {
    programs.ssh = {
      enable = true;
@ -28,6 +23,12 @@
          identityFile = "/run/secrets/GitHub-UGent/ssh";
          user = "tdpeuter";
        };
+        "git.depeuter.dev" = {
+          hostname = "git.depeuter.dev";
+          identitiesOnly = true;
+          identityFile = "/run/secrets/H4Git/ssh";
+          user = "tdpeuter";
+        };
      };
    };
  };