f3ee312dad
modules/ssh: start sshd as early in the boot as possible
...
this allows more scenarios to be recoverable
2024-11-11 20:35:47 +00:00
c380f61bea
fix "rescue" host to eval again
2024-02-28 14:19:45 +00:00
00bf2f79cc
ssh: clean up /etc/ssh/host_keys persistence
2024-02-25 05:19:44 +00:00
879d01ac2e
modules/ssh: note that theres a better store to place the ssh host_keys in
2024-02-24 12:14:14 +00:00
4023960dc0
README: MANUAL MIGRATION: move "plaintext" store to /nix/persist/plaintext
...
to migrate the data:
```sh
$ sudo mkdir /nix/persist/plaintext
$ sudo mv /nix/persist/{etc,home,var} /nix/persist/plaintext
$ sudo ln -s plaintext/etc /nix/persist/etc #< temporarily; if deploying over ssh
$ switch
$ reboot
$ sudo rm /nix/persist/etc #< if you did the symlink earlier
```
2024-02-23 18:02:17 +00:00
28d4a4b065
persistence: move stores behind a byStore attr to support disabling persistence altogether (for e.g. rescue image)
2023-11-08 15:33:15 +00:00
d13bcc49ab
refactor hosts directory, and move ssh keys out of modules/data
...
longer-term, i want hosts/by-name to define host-specific data
that's accessible via the other hosts (things like pubkeys).
also the secrets management needs some rethinking. there's really not
much point in me specifiying where *exactly* a secret comes from at its
use site. i should really be specifying secret store manifests; i.e.
"servo.yaml contains secrets X Y and Z", and leaving the rest up to
auto-computing.
2023-01-19 23:23:43 +00:00
71fc1a2fd7
ssh: define system-wide knownHosts
2023-01-08 08:51:06 +00:00
a457fc1416
ssh: move sys config out of hosts/common
2023-01-08 08:43:23 +00:00
72d589cb2d
ssh: port to modules system
2023-01-08 03:07:57 +00:00
