colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

hosts: add pubkeys for $host-hn

Browse Source
This commit is contained in:
Colin 2024-06-18 08:35:32 +00:00
parent f9091c0b0c
commit a49abbd123
1 changed files with 11 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
hosts/common/ssh.nix
View File

@ -1,13 +1,17 @@
{ config, lib, sane-lib, ... }:
let
keysForHost = hostName: let
hostCfg = config.sane.hosts.by-name."${hostName}";
in {
"root@${hostName}" = hostCfg.ssh.host_pubkey;
"colin@${hostName}" = lib.mkIf (hostCfg.ssh.user_pubkey != null && hostCfg.ssh.authorized) hostCfg.ssh.user_pubkey;
};
hostKeys = builtins.map keysForHost (builtins.attrNames config.sane.hosts.by-name);
hostKeys = lib.mapAttrsToList
(hostName: hostCfg:
# generate `root@servo`, `colin@servo`, `root@servo-hn`, `colin@servo-hn`, ... as a single attrset:
lib.foldl' (acc: alias: acc // {
"root@${alias}" = hostCfg.ssh.host_pubkey;
"colin@${alias}" = lib.mkIf (hostCfg.ssh.user_pubkey != null && hostCfg.ssh.authorized) hostCfg.ssh.user_pubkey;
})
{}
hostCfg.names
)
config.sane.hosts.by-name;
in
{
sane.ssh.pubkeys = lib.mkMerge (hostKeys ++ [