hosts: add supercap

2023-11-24 07:35:58 +00:00 · 2023-11-24 07:35:58 +00:00 · e990d5a645
parent 121e86013e
commit e990d5a645
4 changed files with 20 additions and 19 deletions
--- a/hosts/common/hosts.nix
+++ b/hosts/common/hosts.nix
@ -36,4 +36,10 @@
    wg-home.endpoint = "uninsane.org:51820";
    lan-ip = "10.78.79.51";
  };
+
+  sane.hosts.by-name."supercap" = {
+    ssh.authorized = false;
+    ssh.host_pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHf/mqqkX45EWAcquV04MC3SUljTApdclH1gjI19F+PA";
+    lan-ip = "10.78.79.232";
+  };
 }
--- a/hosts/common/ssh.nix
+++ b/hosts/common/ssh.nix
@ -5,7 +5,7 @@ let
    hostCfg = config.sane.hosts.by-name."${hostName}";
  in {
    "root@${hostName}" = hostCfg.ssh.host_pubkey;
-    "colin@${hostName}" = lib.mkIf hostCfg.ssh.authorized hostCfg.ssh.user_pubkey;
+    "colin@${hostName}" = lib.mkIf (hostCfg.ssh.user_pubkey != null && hostCfg.ssh.authorized) hostCfg.ssh.user_pubkey;
  };
  hostKeys = builtins.map keysForHost (builtins.attrNames config.sane.hosts.by-name);
 in
--- a/hosts/modules/hostnames.nix
+++ b/hosts/modules/hostnames.nix
@ -1,22 +1,16 @@
+# TODO: move to hosts/common/
 { config, lib, ... }:

 {
  # give each host a shortname that all the other hosts know, to allow easy comms.
-  networking.hosts = lib.mkMerge [
-    (lib.mapAttrs' (host: cfg: {
-      # bare-name for LAN addresses
-      # if using router's DNS, these mappings will already exist.
-      # if using a different DNS provider (which servo does), then we need to explicity provide them.
-      # ugly hack. would be better to get servo to somehow use the router's DNS
-      name = cfg.lan-ip;
-      value = [ host ];
-    }) config.sane.hosts.by-name)
-
-    (lib.mapAttrs' (host: cfg: {
-      # -hn suffixed name for communication over my wg-home VPN.
-      # hn = "home network"
-      name = cfg.wg-home.ip;
-      value = [ "${host}-hn" ];
-    }) config.sane.hosts.by-name)
-  ];
+  networking.hosts = lib.mkMerge (builtins.map
+    (host: let
+      cfg = config.sane.hosts.by-name."${host}";
+    in {
+      "${cfg.lan-ip}" = [ host ];
+    } // lib.optionalAttrs (cfg.wg-home.ip != null) {
+      "${cfg.wg-home.ip}" = [ "${host}-hn" ];
+    })
+    (builtins.attrNames config.sane.hosts.by-name)
+  );
 }
--- a/hosts/modules/hosts.nix
+++ b/hosts/modules/hosts.nix
@ -13,7 +13,8 @@ let
        '';
      };
      ssh.user_pubkey = mkOption {
-        type = types.str;
+        type = types.nullOr types.str;
+        default = null;
        description = ''
          ssh pubkey that the primary user of this machine will use when connecting to other machines.
          e.g. "ssh-ed25519 AAAA<base64>".