hosts/omar: Persist OpenSSH keys

author: Linnnus <[email protected]> 2024-12-26 00:00:17 +0000
committer: Linnnus <[email protected]> 2024-12-27 09:07:52 +0100
commit: 75a30285c2d8e51b209c03e60d121acbc6d298d8 (patch)
tree: 1d3e34da4ebf43fd61013be88acde22c55707396 /shared
parent: d925e7a6f8d0af246fd8ad7e253c510bdf3c8eb5 (diff)
1 files changed, 20 insertions, 0 deletions
diff --git a/shared/nixos/persist-ssh-host-keys/default.nix b/shared/nixos/persist-ssh-host-keys/default.nix
new file mode 100644
index 0000000..5180376
--- /dev/null
+++ b/shared/nixos/persist-ssh-host-keys/default.nix
@@ -0,0 +1,20 @@
+# This module ensures that SSH keys are not cleared on reboots.
+# It assumes that `/` is ephemeral and `/persist` isn't.
+
+{...}:
+
+{
+  services.openssh = {
+    hostKeys = [
+      {
+        path = "/persist/ssh/ssh_host_ed25519_key";
+        type = "ed25519";
+      }
+      {
+        path = "/persist/ssh/ssh_host_rsa_key";
+        type = "rsa";
+        bits = 4096;
+      }
+    ];
+  };
+}
author	Linnnus <[email protected]>	2024-12-26 00:00:17 +0000
committer	Linnnus <[email protected]>	2024-12-27 09:07:52 +0100
commit	75a30285c2d8e51b209c03e60d121acbc6d298d8 (patch)
tree	1d3e34da4ebf43fd61013be88acde22c55707396 /shared
parent	d925e7a6f8d0af246fd8ad7e253c510bdf3c8eb5 (diff)