diff --git a/README.md b/README.md
index b74945e..707129a 100644
--- a/README.md
+++ b/README.md
@@ -19,8 +19,7 @@ nix run
 - Clone this repo at `/etc/nixos`
 - Edit `flake.nix` and
 - add your Linux's hostname in the `nixosConfigurations` set, as well as
- - update `people.myself` to your desired username.
- - put your SSH keys in `./nixos/takemessh`
+ - update `users.nix` to contain your user(s) information
 - Run `nix run`. That's it. Re-open your shell.
 - macOS:
 - Install Nix normally (multi-user)
diff --git a/config.nix b/config.nix
index 8368415..32f7c60 100644
--- a/config.nix
+++ b/config.nix
@@ -8,6 +8,12 @@ let
 email = lib.mkOption {
 type = lib.types.str;
 };
+ sshKeyPub = lib.mkOption {
+ type = lib.types.str;
+ description = ''
+ SSH public key
+ '';
+ };
 };
 };
 peopleSubmodule = lib.types.submodule {
diff --git a/flake.nix b/flake.nix
index f694bac..a443d57 100644
--- a/flake.nix
+++ b/flake.nix
@@ -50,16 +50,7 @@
 people = {
 myself = "srid";
- users = {
- srid = {
- name = "Sridhar Ratnakumar";
- email = "srid@srid.ca";
- };
- uday = {
- name = "Uday Kiran";
- email = "udaycruise2903@gmail.com";
- };
- };
+ users = import ./users.nix;
 };
 flake = {
diff --git a/nixos/default.nix b/nixos/default.nix
index d3d304b..66641a8 100644
--- a/nixos/default.nix
+++ b/nixos/default.nix
@@ -27,7 +27,7 @@ in
 inputs.agenix.nixosModule
 ./caches
 ./self-ide.nix
- ./takemessh
+ ./ssh-authorize.nix
 ./current-location.nix
 ];
 };
diff --git a/nixos/ssh-authorize.nix b/nixos/ssh-authorize.nix
new file mode 100644
index 0000000..6ee3c83
--- /dev/null
+++ b/nixos/ssh-authorize.nix
@@ -0,0 +1,18 @@
+{ config, pkgs, lib, flake, ... }:
+
+{
+ # Let me login
+ users.users =
+ let
+ people = flake.config.people;
+ myPubKey = people.users.${people.myself}.sshKeyPub;
+ in
+ {
+ root.openssh.authorizedKeys.keys = [
+ myPubKey
+ ];
+ ${people.myself}.openssh.authorizedKeys.keys = [
+ myPubKey
+ ];
+ };
+}
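Review bot: In the config.nix hunk, `sshKeyPub` is declared as a bare `lib.types.str` with no default, yet the `uday` entry that this commit adds in users.nix defines no key, so evaluation presumably fails with an undefined-option error as soon as `people.myself` names a user without one. If the key is meant to be optional, declare it as `type = lib.types.nullOr lib.types.str; default = null;`; if it is mandatory, give every entry in users.nix a key. The description should also say what the key grants, for example `SSH public key (authorized_keys format); for people.myself it is authorized for root and for that account`. The enclosing submodule starts and ends outside the hunk.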
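Review bot: `myself = "srid"` stays hard-coded in the flake.nix hunk, while the README hunk of this commit drops the step that told users to change `people.myself`. Someone who adds their own entry to users.nix but leaves this line alone still gets the `srid` key authorized for root by nixos/ssh-authorize.nix. Keep the README step, and add a comment above the line such as `# Must name an entry in ./users.nix; that user's sshKeyPub is authorized for root and for this account`. The enclosing attribute set starts and ends outside the hunk.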
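Review bot: The new nixos/ssh-authorize.nix installs `myPubKey` for `root` as well as for the `people.myself` account, but its only comment is `# Let me login`, which hides that one key grants direct root access over SSH. If the user account can escalate with sudo (not visible here), drop the `root.openssh.authorizedKeys.keys` entry. Otherwise replace the comment with `# Authorize people.myself's key for root and for that user; whoever holds it has root on every host importing this module`. `config`, `pkgs` and `lib` in the argument list are unused and can be removed, since `...` already accepts them.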
diff --git a/nixos/takemessh/default.nix b/nixos/takemessh/default.nix
deleted file mode 100644
index abbcdf0..0000000
--- a/nixos/takemessh/default.nix
+++ /dev/null
@@ -1,9 +0,0 @@
-{ config, pkgs, lib, flake, ... }:
-
-{
- # Let me login
- users.users = {
- root.openssh.authorizedKeys.keys = [ (builtins.readFile ./id_rsa.pub) ];
- ${flake.config.people.myself}.openssh.authorizedKeys.keys = [ (builtins.readFile ./id_rsa.pub) ];
- };
-}
diff --git a/nixos/takemessh/id_rsa.pub b/nixos/takemessh/id_rsa.pub
deleted file mode 100644
index 1f1160b..0000000
--- a/nixos/takemessh/id_rsa.pub
+++ /dev/null
@@ -1 +0,0 @@
-ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCYQ003p7fB5ICQehLwhDBomY9WzkNBeijkSw9ADGU+ECrPakeIH3pntUWRJH1W93vKnLqpkn6HLGEXD9MCR0s98uhh8hT7uAYCxQTbEeKT3PYkfz3oe7XaR8rE601sds0ZyFwH7l8cvK97pGr+uhFXAaohiV6VqmLVXhManEjZZ8GfYWBD9BCmIJk43G3OGa5QYFeHqztprXaJNU5dFPv2Uq2C+L6EvfCfkK2OO1BLZgL+Rai5jjyy6k0fcfsxxd9BdGUwqDhcBeyTIzX9rePMugf/xD+6uNRxTU+vjVpGUtFOw6rpgmVyFv9mn3QMNdQBc5hYKVbIQwMNGTzGgcQv srid@nixos
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index 3385eb7..19a7415 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
@@ -1,6 +1,6 @@
 let
 keys = [
- (builtins.readFile ../nixos/takemessh/id_rsa.pub)
+ (import ../users.nix).srid.sshKeyPub
 (import ../systems/hetzner/ax41.info.nix).hostKeyPub
 ];
 in
diff --git a/users.nix b/users.nix
new file mode 100644
index 0000000..61900b4
--- /dev/null
+++ b/users.nix
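Review bot: The recipient in the secrets/secrets.nix hunk is pinned to `(import ../users.nix).srid.sshKeyPub`, the same key that nixos/ssh-authorize.nix authorizes for root login. Rotating or replacing the login key in users.nix therefore also changes who can decrypt newly encrypted secrets (presumably agenix, given the module imported in nixos/default.nix). Add a comment above the line, for example `# Secret recipient; after changing this key in users.nix, rekey the existing secrets so the old key loses access`. A dedicated key for secret decryption, separate from the login key, would limit what one compromised key exposes. The `let` block's body continues outside the hunk.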
@@ -0,0 +1,11 @@
+{
+ srid = {
+ name = "Sridhar Ratnakumar";
+ email = "srid@srid.ca";
+ sshKeyPub = "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCYQ003p7fB5ICQehLwhDBomY9WzkNBeijkSw9ADGU+ECrPakeIH3pntUWRJH1W93vKnLqpkn6HLGEXD9MCR0s98uhh8hT7uAYCxQTbEeKT3PYkfz3oe7XaR8rE601sds0ZyFwH7l8cvK97pGr+uhFXAaohiV6VqmLVXhManEjZZ8GfYWBD9BCmIJk43G3OGa5QYFeHqztprXaJNU5dFPv2Uq2C+L6EvfCfkK2OO1BLZgL+Rai5jjyy6k0fcfsxxd9BdGUwqDhcBeyTIzX9rePMugf/xD+6uNRxTU+vjVpGUtFOw6rpgmVyFv9mn3QMNdQBc5hYKVbIQwMNGTzGgcQv srid@nixos";
+ };
+ uday = {
+ name = "Uday Kiran";
+ email = "udaycruise2903@gmail.com";
+ };
+}