about summary refs log tree commit diff
diff options
context:
space:
mode:
authorFranck Cuny <franck@fcuny.net>2023-04-30 11:32:09 -0700
committerFranck Cuny <franck@fcuny.net>2023-04-30 14:40:13 -0700
commitbe1e5e4e42e91c9fab572a8b13ac6b1334cff0cf (patch)
treeaa4e01b51d72b8344b2e045fb8a3e10f634ba320
parenthosts/tahoe: enable rsync-ing backups to rsync.net (diff)
downloadworld-be1e5e4e42e91c9fab572a8b13ac6b1334cff0cf.tar.gz
modules/security: move ssh configuration to a dedicated module
-rw-r--r--modules/system/security/default.nix16
-rw-r--r--modules/system/security/ssh.nix17
2 files changed, 19 insertions, 14 deletions
diff --git a/modules/system/security/default.nix b/modules/system/security/default.nix
index 704aa64..debcd9e 100644
--- a/modules/system/security/default.nix
+++ b/modules/system/security/default.nix
@@ -1,20 +1,8 @@
 { ... }:
 
 {
+  imports = [ ./ssh.nix ];
+
   security.sudo.wheelNeedsPassword = false;
   security.polkit.enable = true;
-
-  programs.ssh = {
-    # $ ssh-keyscan example.com
-    knownHosts = {
-      github = {
-        hostNames = [ "github.com" ];
-        publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl";
-      };
-      "de2664.rsync.net" = {
-        hostNames = [ "de2664.rsync.net" ];
-        publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIObQN4P/deJ/k4P4kXh6a9K4Q89qdyywYetp9h3nwfPo";
-      };
-    };
-  };
 }
diff --git a/modules/system/security/ssh.nix b/modules/system/security/ssh.nix
new file mode 100644
index 0000000..14cbf5d
--- /dev/null
+++ b/modules/system/security/ssh.nix
@@ -0,0 +1,17 @@
+{ ... }:
+
+{
+  programs.ssh = {
+    # $ ssh-keyscan example.com
+    knownHosts = {
+      github = {
+        hostNames = [ "github.com" ];
+        publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl";
+      };
+      rsync = {
+        hostNames = [ "de2664.rsync.net" ];
+        publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIObQN4P/deJ/k4P4kXh6a9K4Q89qdyywYetp9h3nwfPo";
+      };
+    };
+  };
+}