diff --git a/machines/core-services-01/configuration.nix b/machines/core-services-01/configuration.nix index d3f334a..5f0e145 100644 --- a/machines/core-services-01/configuration.nix +++ b/machines/core-services-01/configuration.nix @@ -76,9 +76,9 @@ # Enable the OpenSSH daemon. services.openssh.enable = true; users.users.root.openssh.authorizedKeys.keyFiles = [ - ../../pubkeys/gdd.keys - ../../pubkeys/raito.keys - ../../pubkeys/mrf.keys + ../pubkeys/gdd.keys + ../pubkeys/raito.keys + ../pubkeys/mrf.keys ]; # Open ports in the firewall. diff --git a/machines/core-services-01/netboot-server.nix b/machines/core-services-01/netboot-server.nix index 14f4d40..1c28cd8 100644 --- a/machines/core-services-01/netboot-server.nix +++ b/machines/core-services-01/netboot-server.nix @@ -13,8 +13,8 @@ let # Enable sshd wich gets disabled by netboot-minimal.nix systemd.services.sshd.wantedBy = mkOverride 0 [ "multi-user.target" ]; users.users.root.openssh.authorizedKeys.keyFiles = [ - ../../pubkeys/gdd.keys - ../../pubkeys/raito.keys + ../pubkeys/gdd.keys + ../pubkeys/raito.keys ]; programs.mosh.enable = true; diff --git a/machines/core-services-01/secrets/secrets.nix b/machines/core-services-01/secrets/secrets.nix index a581591..0455e41 100644 --- a/machines/core-services-01/secrets/secrets.nix +++ b/machines/core-services-01/secrets/secrets.nix @@ -1,7 +1,7 @@ let pkgs = import {}; lib = pkgs.lib; - readPubkeys = user: builtins.filter (k: k != "") (lib.splitString "\n" (builtins.readFile (../../../pubkeys + "/${user}.keys"))); + readPubkeys = user: builtins.filter (k: k != "") (lib.splitString "\n" (builtins.readFile (../../pubkeys + "/${user}.keys"))); superadmins = (readPubkeys "raito") ++ (readPubkeys "gdd") ++ (readPubkeys "mrf"); core-services-01 = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILrnZxP4OUGDzd1uykMghzFNLH0Fg42hH+0qxif6O6oU"; systems = [ core-services-01 ]; diff --git a/pubkeys/gdd.keys b/machines/pubkeys/gdd.keys similarity index 100% rename from pubkeys/gdd.keys rename to machines/pubkeys/gdd.keys diff --git a/pubkeys/hackens-milieu.keys b/machines/pubkeys/hackens-milieu.keys similarity index 100% rename from pubkeys/hackens-milieu.keys rename to machines/pubkeys/hackens-milieu.keys diff --git a/pubkeys/mrf.keys b/machines/pubkeys/mrf.keys similarity index 100% rename from pubkeys/mrf.keys rename to machines/pubkeys/mrf.keys diff --git a/pubkeys/raito.keys b/machines/pubkeys/raito.keys similarity index 100% rename from pubkeys/raito.keys rename to machines/pubkeys/raito.keys diff --git a/pubkeys/remote-builders.keys b/machines/pubkeys/remote-builders.keys similarity index 100% rename from pubkeys/remote-builders.keys rename to machines/pubkeys/remote-builders.keys diff --git a/machines/public-cof/configuration.nix b/machines/public-cof/configuration.nix index 46afed6..a99f713 100644 --- a/machines/public-cof/configuration.nix +++ b/machines/public-cof/configuration.nix @@ -45,9 +45,9 @@ # Enable the OpenSSH daemon. services.openssh.enable = true; users.users.root.openssh.authorizedKeys.keyFiles = [ - ../../pubkeys/gdd.keys - ../../pubkeys/raito.keys - ../../pubkeys/mrf.keys + ../pubkeys/gdd.keys + ../pubkeys/raito.keys + ../pubkeys/mrf.keys ]; system.stateVersion = "21.05"; diff --git a/machines/public-cof/secrets/secrets.nix b/machines/public-cof/secrets/secrets.nix index 798cb84..3f8a62a 100644 --- a/machines/public-cof/secrets/secrets.nix +++ b/machines/public-cof/secrets/secrets.nix @@ -1,7 +1,7 @@ let pkgs = import {}; lib = pkgs.lib; - readPubkeys = user: builtins.filter (k: k != "") (lib.splitString "\n" (builtins.readFile (../../../pubkeys + "/${user}.keys"))); + readPubkeys = user: builtins.filter (k: k != "") (lib.splitString "\n" (builtins.readFile (../../pubkeys + "/${user}.keys"))); superadmins = (readPubkeys "raito") ++ (readPubkeys "gdd"); public-cof = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDUe/w7e3+KIa1YPFH9FGapDWM/sWOvOCcYXNlnIWypg"; systems = [ public-cof ]; diff --git a/machines/remote-builder-01/configuration.nix b/machines/remote-builder-01/configuration.nix index 41936bd..ad971fb 100644 --- a/machines/remote-builder-01/configuration.nix +++ b/machines/remote-builder-01/configuration.nix @@ -62,9 +62,9 @@ # Enable the OpenSSH daemon. services.openssh.enable = true; users.users.root.openssh.authorizedKeys.keyFiles = [ - ../../pubkeys/gdd.keys - ../../pubkeys/raito.keys - ../../pubkeys/remote-builders.keys + ../pubkeys/gdd.keys + ../pubkeys/raito.keys + ../pubkeys/remote-builders.keys ]; # Open ports in the firewall.