From 1721546410c3fe040d65936506ffa23f7b148d0c Mon Sep 17 00:00:00 2001
From: colin <colin@uninsane.org>
Date: Mon, 24 Oct 2022 01:33:14 -0700
Subject: [PATCH] store ssh keys in ~/private, where they're encrypted

---
 modules/universal/home-manager/default.nix | 4 ++++
 modules/universal/users.nix                | 1 -
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/modules/universal/home-manager/default.nix b/modules/universal/home-manager/default.nix
index 2f11c438..f38e65bf 100644
--- a/modules/universal/home-manager/default.nix
+++ b/modules/universal/home-manager/default.nix
@@ -93,6 +93,10 @@ in
         };
       };
 
+      # ssh key is stored in private storage
+      home.file.".ssh/id_ed25519".source = config.lib.file.mkOutOfStoreSymlink "/home/colin/private/.ssh/id_ed25519";
+      home.file.".ssh/id_ed25519.pub".text = (import ../pubkeys.nix)."${sysconfig.networking.hostName}";
+
       # XDG defines things like ~/Desktop, ~/Downloads, etc.
       # these clutter the home, so i mostly don't use them.
       xdg.userDirs = {
diff --git a/modules/universal/users.nix b/modules/universal/users.nix
index 55e72c0a..a34adeb1 100644
--- a/modules/universal/users.nix
+++ b/modules/universal/users.nix
@@ -70,7 +70,6 @@ in
       ".cache"
       ".cargo"
       ".rustup"
-      ".ssh"
       ".local/share/keyrings"
     ];