feat(ops/machines): Add a module for known SSH keys
Change-Id: I443e479f3edf9c6540de7b5a33bc6f7e2a9c5183 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5305 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Autosubmit: tazjin <tazjin@tvl.su>
This commit is contained in:
parent
b936843bb0
commit
95780174e1
3 changed files with 23 additions and 0 deletions
|
@ -14,6 +14,7 @@ let
|
||||||
in
|
in
|
||||||
{
|
{
|
||||||
imports = [
|
imports = [
|
||||||
|
(mod "known-hosts.nix")
|
||||||
(mod "tvl-users.nix")
|
(mod "tvl-users.nix")
|
||||||
(mod "www/sanduny.tvl.su.nix")
|
(mod "www/sanduny.tvl.su.nix")
|
||||||
];
|
];
|
||||||
|
|
|
@ -13,6 +13,7 @@ in
|
||||||
"${depot.path}/ops/modules/gerrit-queue.nix"
|
"${depot.path}/ops/modules/gerrit-queue.nix"
|
||||||
"${depot.path}/ops/modules/irccat.nix"
|
"${depot.path}/ops/modules/irccat.nix"
|
||||||
"${depot.path}/ops/modules/josh.nix"
|
"${depot.path}/ops/modules/josh.nix"
|
||||||
|
"${depot.path}/ops/modules/known-hosts.nix"
|
||||||
"${depot.path}/ops/modules/monorepo-gerrit.nix"
|
"${depot.path}/ops/modules/monorepo-gerrit.nix"
|
||||||
"${depot.path}/ops/modules/nixery.nix"
|
"${depot.path}/ops/modules/nixery.nix"
|
||||||
"${depot.path}/ops/modules/oauth2_proxy.nix"
|
"${depot.path}/ops/modules/oauth2_proxy.nix"
|
||||||
|
|
21
ops/modules/known-hosts.nix
Normal file
21
ops/modules/known-hosts.nix
Normal file
|
@ -0,0 +1,21 @@
|
||||||
|
# Configure public keys for SSH hosts known to TVL.
|
||||||
|
{ ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
programs.ssh.knownHosts = {
|
||||||
|
whitby = {
|
||||||
|
hostNames = [ "whitby.tvl.fyi" "whitby.tvl.su" ];
|
||||||
|
publicKey = "whitby.tvl.fyi ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILNh/w4BSKov0jdz3gKBc98tpoLta5bb87fQXWBhAl2I";
|
||||||
|
};
|
||||||
|
|
||||||
|
sanduny = {
|
||||||
|
hostNames = [ "sanduny.tvl.su" ];
|
||||||
|
publicKey = "sanduny.tvl.su ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOag0XhylaTVhmT6HB8EN2Fv5Ymrc4ZfypOXONUkykTX";
|
||||||
|
};
|
||||||
|
|
||||||
|
github = {
|
||||||
|
hostNames = [ "github.com" ];
|
||||||
|
publicKey = "github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
Loading…
Reference in a new issue