mirrors_public/oddlama_nix-config
1
1
Fork 1
mirror of https://github.com/oddlama/nix-config.git synced 2025-10-11 07:10:39 +02:00
Code Activity

fix: allow default identity on any host

Browse source
This commit is contained in:
oddlama 2023-09-04 16:27:21 +02:00
parent 27d228b1c5
commit 9a16036cc9
No known key found for this signature in database
GPG key ID: 14EFE510775FE39A
1 changed files with 16 additions and 64 deletions
Download patch file Download diff file Expand all files Collapse all files

66
users/myuser/ssh.nix
View file

@ -2,73 +2,25 @@
home.file.".ssh/yubikey.pub".text = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIA5Uq+CDy5Pmt3If5M6d8K/Q7HArU6sZ7sgoj3T521Wm cardno:15 209 174";
programs.ssh = {
enable = true;
matchBlocks = let
withYubikey = {identityFile = ["~/.ssh/yubikey.pub"];};
in {
matchBlocks = {
"*" = {
identityFile = ["~/.ssh/yubikey.pub"];
identitiesOnly = true;
};
meister =
{
# TODO more from secrets nixosConfiguration.repo.secrets.global
meister = {
user = "root";
hostname = "meister.oddlama.org";
}
// withYubikey;
envoy =
{
};
envoy = {
user = "root";
hostname = "94.130.104.236";
}
// withYubikey;
vm-base =
{
};
vm-base = {
user = "root";
proxyJump = "meister";
hostname = "172.16.0.01";
}
// withYubikey;
vm-misc =
{
user = "root";
proxyJump = "meister";
hostname = "172.16.0.16";
}
// withYubikey;
vm-samba =
{
user = "root";
proxyJump = "meister";
hostname = "172.16.0.64";
}
// withYubikey;
vm-nginx =
{
user = "root";
proxyJump = "meister";
hostname = "172.16.0.128";
}
// withYubikey;
vm-radicale =
{
user = "root";
proxyJump = "meister";
hostname = "172.16.0.129";
}
// withYubikey;
vm-vaultwarden =
{
user = "root";
proxyJump = "meister";
hostname = "172.16.0.130";
}
// withYubikey;
vm-test =
{
user = "root";
proxyJump = "meister";
hostname = "172.16.0.255";
}
// withYubikey;
};
};
};
}