ssh: manager ourself instead of using home-manager

2023-01-08 03:14:47 +00:00
parent 72d589cb2d
commit 00b681eca5
2 changed files with 6 additions and 10 deletions
--- a/modules/home-manager/ssh.nix
+++ b/modules/home-manager/ssh.nix
@@ -13,10 +13,11 @@ in lib.mkIf config.sane.home-manager.enable {
  # ssh key is stored in private storage
  sane.persist.home.private = [ ".ssh/id_ed25519" ];
  sane.fs."/home/colin/.ssh/id_ed25519.pub" = sane-lib.fs.wantedText user-pubkey;
+  sane.fs."/home/colin/.ssh/known_hosts" = sane-lib.fs.wantedText known-hosts-text;

-  home-manager.users.colin = {
-    programs.ssh.enable = true;
-    # this optionally accepts multiple known_hosts paths, separated by space.
-    programs.ssh.userKnownHostsFile = toString (pkgs.writeText "known_hosts" known-hosts-text);
-  };
+  users.users.colin.openssh.authorizedKeys.keys =
+  let
+    user-keys = filter (k: k.user == "colin") (attrValues config.sane.ssh.pubkeys);
+  in
+    map (k: k.asUserKey) user-keys;
 }