proprifié un peu ssh root

This commit is contained in:
catvayor 2024-03-28 10:44:37 +01:00
parent a9c479c9ce
commit c53cb64d61
5 changed files with 16 additions and 16 deletions

View file

@ -16,7 +16,7 @@ in {
imports = [ imports = [
./machines/kat-probook/configuration.nix ./machines/kat-probook/configuration.nix
users.root (users.root { ssh = false; })
users.catvayor users.catvayor
]; ];
networking.hostName = name; networking.hostName = name;
@ -26,12 +26,9 @@ in {
deployment.targetHost = "r86s.kat"; deployment.targetHost = "r86s.kat";
imports = [ imports = [
./machines/kat-r86s/configuration.nix ./machines/kat-r86s/configuration.nix
users.root (users.root { ssh = true; })
]; ];
networking.hostName = name; networking.hostName = name;
users.users.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAA16foz+XzwKwyIR4wFgNIAE3Y7AfXyEsUZFVVz8Rie catvayor@katvayor"
];
}; };
kat-test = { name, nodes, ... }: { kat-test = { name, nodes, ... }: {
@ -42,13 +39,10 @@ in {
imports = [ imports = [
./machines/kat-test/configuration.nix ./machines/kat-test/configuration.nix
users.root (users.root { ssh = true; })
users.catvayor users.catvayor
]; ];
networking.hostName = name; networking.hostName = name;
users.users.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAA16foz+XzwKwyIR4wFgNIAE3Y7AfXyEsUZFVVz8Rie catvayor@katvayor"
];
home-manager.users.catvayor = { home-manager.users.catvayor = {
imports = [ mods.home.mail ]; imports = [ mods.home.mail ];
}; };
@ -59,11 +53,10 @@ in {
imports = [ imports = [
./machines/kat-virt/configuration.nix ./machines/kat-virt/configuration.nix
users.root (users.root { ssh = true; })
]; ];
networking.hostName = name; networking.hostName = name;
users.users.root.openssh.authorizedKeys.keys = [ users.users.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAA16foz+XzwKwyIR4wFgNIAE3Y7AfXyEsUZFVVz8Rie catvayor@katvayor"
"ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCvi5VUsDrwS4XqQQfFFIx1JoRDPVdtChUQWqKFbPFtP8gH51woXiKtKRbDebL0z/EmkdYKxxIkzixHTR5xQXjo8JiFZbwldZi5IvMr3x//ad9sVyOhmbRx1DXLKjyOdWyo+w0vORvbEDu2lHktfSvhHGrvUHfFc3EY+cAl7IImgGEeGNPruAuNkN90Lth9QgwJVsdOEs9j7hwwKtpfMMETL5tkW34Nu7io03+SaPxwi2xLuWTdTklfZ7GWYtG2w/hFkzDbkW97rp5dxB1HO58cPqyRlqyfhZFpiUmWlyuMba3Tip6JarCa52IpFffEIDR0CSeh5CFPoeppo/TPDiXDie370TjjQpxJiG+9PobBhmChH5FmQ/lksffI/WimqpVO7Ixf5cYiHN5Z0mgJgZsXwI3YPICQLA8ebSKHA8+mdmkunDmCBRaBj1qEgkp/UoYqXT6BjBm07nOsnL+3SG/yfx4fLotgWtdm2mkjEAG+OGVR7G3Vk/POxn0EqX7Z+gU= sylvain@idefix" "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQCvi5VUsDrwS4XqQQfFFIx1JoRDPVdtChUQWqKFbPFtP8gH51woXiKtKRbDebL0z/EmkdYKxxIkzixHTR5xQXjo8JiFZbwldZi5IvMr3x//ad9sVyOhmbRx1DXLKjyOdWyo+w0vORvbEDu2lHktfSvhHGrvUHfFc3EY+cAl7IImgGEeGNPruAuNkN90Lth9QgwJVsdOEs9j7hwwKtpfMMETL5tkW34Nu7io03+SaPxwi2xLuWTdTklfZ7GWYtG2w/hFkzDbkW97rp5dxB1HO58cPqyRlqyfhZFpiUmWlyuMba3Tip6JarCa52IpFffEIDR0CSeh5CFPoeppo/TPDiXDie370TjjQpxJiG+9PobBhmChH5FmQ/lksffI/WimqpVO7Ixf5cYiHN5Z0mgJgZsXwI3YPICQLA8ebSKHA8+mdmkunDmCBRaBj1qEgkp/UoYqXT6BjBm07nOsnL+3SG/yfx4fLotgWtdm2mkjEAG+OGVR7G3Vk/POxn0EqX7Z+gU= sylvain@idefix"
]; ];
}; };
@ -77,7 +70,7 @@ in {
imports = [ imports = [
<nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-minimal-new-kernel-no-zfs.nix> <nixpkgs/nixos/modules/installer/cd-dvd/installation-cd-minimal-new-kernel-no-zfs.nix>
users.root (users.root { ssh = true; })
]; ];
networking = { networking = {
@ -91,9 +84,6 @@ in {
boot.supportedFilesystems = [ "bcachefs" ]; boot.supportedFilesystems = [ "bcachefs" ];
programs.zsh.enable = true; programs.zsh.enable = true;
services.openssh.enable = true; services.openssh.enable = true;
users.users.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAA16foz+XzwKwyIR4wFgNIAE3Y7AfXyEsUZFVVz8Rie catvayor@katvayor"
];
environment.etc = { environment.etc = {
"config_base.nix" = { "config_base.nix" = {

View file

@ -64,6 +64,7 @@
colmena colmena
tree tree
lazygit lazygit
nix-output-monitor
]; ];
fonts.packages = with pkgs; [ fonts.packages = with pkgs; [
fira-code-nerdfont fira-code-nerdfont

View file

@ -1,6 +1,8 @@
{ config, pkgs, lib, mods, ... }: { config, pkgs, lib, mods, ... }:
{ {
imports = with mods.global; [ sway ]; imports = with mods.global; [ sway ];
programs.zsh.enable = true;
users.users.catvayor = { users.users.catvayor = {
shell = pkgs.zsh; shell = pkgs.zsh;
isNormalUser = true; isNormalUser = true;

View file

@ -1,4 +1,4 @@
{ {
catvayor = ./catvayor.nix; catvayor = ./catvayor.nix;
root = ./root.nix; root = import ./root.nix;
} }

View file

@ -1,8 +1,15 @@
{ ssh }:
{ config, lib, pkgs, mods, ... }: { config, lib, pkgs, mods, ... }:
{ {
programs.zsh.enable = true;
users.users.root.shell = pkgs.zsh; users.users.root.shell = pkgs.zsh;
home-manager.users.root = { home-manager.users.root = {
home.stateVersion = "23.11"; home.stateVersion = "23.11";
imports = with mods.home; [ neovim zsh ]; imports = with mods.home; [ neovim zsh ];
}; };
} // lib.attrsets.optionalAttrs ssh {
users.users.root.openssh.authorizedKeys.keys = [
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAA16foz+XzwKwyIR4wFgNIAE3Y7AfXyEsUZFVVz8Rie catvayor@katvayor"
];
services.openssh.enable = true;
} }