diff options
Diffstat (limited to 'hosts/ahmed')
| -rw-r--r-- | hosts/ahmed/git.linus.onl/default.nix | 3 | ||||
| -rw-r--r-- | hosts/ahmed/local-dns/dns-resolver.nix | 2 | ||||
| -rw-r--r-- | hosts/ahmed/remote-builder/default.nix | 5 | ||||
| -rw-r--r-- | hosts/ahmed/ssh/default.nix | 2 |
4 files changed, 7 insertions, 5 deletions
diff --git a/hosts/ahmed/git.linus.onl/default.nix b/hosts/ahmed/git.linus.onl/default.nix index be62efa..24eda7f 100644 --- a/hosts/ahmed/git.linus.onl/default.nix +++ b/hosts/ahmed/git.linus.onl/default.nix @@ -35,7 +35,8 @@ in { openssh.authorizedKeys.keys = map (key: "no-port-forwarding,no-X11-forwarding,no-agent-forwarding,no-pty ${key}") [ - metadata.hosts.muhammed.sshPubKey + # The user's own SSH key is used when the Git CLI connects to the server. + metadata.hosts.muhammed.sshKeys.linus ]; }; users.groups.git = {}; diff --git a/hosts/ahmed/local-dns/dns-resolver.nix b/hosts/ahmed/local-dns/dns-resolver.nix index 1954a52..7d966ee 100644 --- a/hosts/ahmed/local-dns/dns-resolver.nix +++ b/hosts/ahmed/local-dns/dns-resolver.nix @@ -32,7 +32,7 @@ # Here we publish all the services we want. data = let - subdomainToARecord = subdomain: "=${subdomain}.${config.linus.local-dns.domain}:${metadata.hosts.ahmed.ipAddress}"; + subdomainToARecord = subdomain: "=${subdomain}.${config.linus.local-dns.domain}:${metadata.hosts.ahmed.ipv4Address}"; ARecords = lib.concatMapStringsSep "\n" subdomainToARecord config.linus.local-dns.subdomains; in '' # We are authoritative over ${config.linus.local-dns.domain}. diff --git a/hosts/ahmed/remote-builder/default.nix b/hosts/ahmed/remote-builder/default.nix index 50f9595..1bb85f6 100644 --- a/hosts/ahmed/remote-builder/default.nix +++ b/hosts/ahmed/remote-builder/default.nix @@ -10,9 +10,10 @@ group = "remotebuilder"; # Allow SSH connections by the Nix client. - # This is matched with the ssh config IdentityFile on the client-side. openssh.authorizedKeys.keys = [ - metadata.hosts.muhammed.sshPubKey + # This is matched with the ssh config IdentityFile on the client-side. + # TODO: Use root key! + metadata.hosts.muhammed.sshKeys.linus ]; }; users.groups.remotebuilder = {}; diff --git a/hosts/ahmed/ssh/default.nix b/hosts/ahmed/ssh/default.nix index 4912bf5..a2110b7 100644 --- a/hosts/ahmed/ssh/default.nix +++ b/hosts/ahmed/ssh/default.nix @@ -13,7 +13,7 @@ users.users = lib.genAttrs ["root" "linus"] (_: { openssh.authorizedKeys.keys = [ - metadata.hosts.muhammed.sshPubKey + metadata.hosts.muhammed.sshKeys.linus # Identity used by Termios on iPhone. "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBPbGet0Mn5+HMeRBXeOkSYqGqbefFZ4kE9aYemyDp9D" |