diff options
Diffstat (limited to 'shared/nixos/persist-ssh-host-keys/default.nix')
| -rw-r--r-- | shared/nixos/persist-ssh-host-keys/default.nix | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/shared/nixos/persist-ssh-host-keys/default.nix b/shared/nixos/persist-ssh-host-keys/default.nix new file mode 100644 index 0000000..5180376 --- /dev/null +++ b/shared/nixos/persist-ssh-host-keys/default.nix @@ -0,0 +1,20 @@ +# This module ensures that SSH keys are not cleared on reboots. +# It assumes that `/` is ephemeral and `/persist` isn't. + +{...}: + +{ + services.openssh = { + hostKeys = [ + { + path = "/persist/ssh/ssh_host_ed25519_key"; + type = "ed25519"; + } + { + path = "/persist/ssh/ssh_host_rsa_key"; + type = "rsa"; + bits = 4096; + } + ]; + }; +} |