Use ssh-keys.nix for key managment

2024-08-30 07:55:26 +02:00 · 2024-08-30 07:55:26 +02:00 · 49c79ce951
commit 49c79ce951
parent 189ae77b0a
1 changed files with 3 additions and 18 deletions
--- a/modules/utils/server-node-users.nix
+++ b/modules/utils/server-node-users.nix
@ -7,22 +7,7 @@
 let
  cfg = config.my.utils.serverNodeUsers;
  gitlabUsername = "pazpi";
-  sshKeys =
-    let
-      localKeys = [
-        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDhiGLc/whCY3lCmDiRlYnMJOLiO/gvcRj/sKVEFVAhQ pazpi@deadbeef"
-        # Add more local keys as needed
-      ];
-      gitlabKeys = pkgs.lib.splitString "\n" (
-        builtins.readFile (
-          pkgs.fetchurl {
-            url = "https://gitlab.com/${gitlabUsername}.keys";
-            sha256 = "tHC4DBRO8mXBLFBqGiZlgyY5Pzpl4AMeURCni6H7IjI=";
-          }
-        )
-      );
-    in
-    localKeys ++ gitlabKeys;
+  sshKeys = import ../../ssh-keys.nix;
 in
 {
  options.my.utils.serverNodeUsers = {
@ -41,7 +26,7 @@ in

      users.root = {
        hashedPassword = "!";
-        openssh.authorizedKeys.keys = sshKeys;
+        openssh.authorizedKeys.keys = sshKeys.infra-core;
      };

      users.pazpi = {
@ -49,7 +34,7 @@ in
        hashedPassword = "$y$j9T$oWLCV1hnGPyOGabMfAS3p1$/iwouRZGwQXcv6IHnLuT3I9.pmeXNpcHxq.b8xfitr1";
        shell = pkgs.bash;
        extraGroups = [ "wheel" ];
-        openssh.authorizedKeys.keys = sshKeys;
+        openssh.authorizedKeys.keys = sshKeys.infra-core;
      };

    };