makefu/nixos-config
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

gum: ensure to deploy the correct ssh keys

Browse source
This commit is contained in:
makefu 2023-07-02 22:55:08 +02:00
parent b92ab6b0dc
commit a0d1fc42c2
1 changed files with 7 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
1systems/gum/config.nix
View file

@ -26,6 +26,8 @@ in {
]; ];
}; };
} }
../../2configs
../../2configs/nur.nix ../../2configs/nur.nix
../../2configs/support-nixos.nix ../../2configs/support-nixos.nix
../../2configs/nix-community/supervision.nix ../../2configs/nix-community/supervision.nix
@ -222,9 +224,12 @@ in {
# makefu.dl-dir = "/var/download"; # makefu.dl-dir = "/var/download";
makefu.dl-dir = "/media/cloud/download/finished"; makefu.dl-dir = "/media/cloud/download/finished";
sops.secrets."ssh_host_rsa_key" = {};
sops.secrets."ssh_host_ed25519_key" = {};
services.openssh.hostKeys = lib.mkForce [ services.openssh.hostKeys = lib.mkForce [
{ bits = 4096; path = (toString <secrets/ssh_host_rsa_key>); type = "rsa"; } { bits = 4096; path = (config.sops.secrets."ssh_host_rsa_key".path); type = "rsa"; }
{ path = (toString <secrets/ssh_host_ed25519_key>); type = "ed25519"; } ]; { path = config.sops.secrets."ssh_host_ed25519_key".path; type = "ed25519"; } ];
###### stable ###### stable
security.acme.certs."cgit.euer.krebsco.de" = { security.acme.certs."cgit.euer.krebsco.de" = {
email = "letsencrypt@syntax-fehler.de"; email = "letsencrypt@syntax-fehler.de";