modules/security: move ssh configuration to a dedicated module

author: Franck Cuny <franck@fcuny.net> 2023-04-30 11:32:09 -0700
committer: Franck Cuny <franck@fcuny.net> 2023-04-30 14:40:13 -0700
commit: be1e5e4e42e91c9fab572a8b13ac6b1334cff0cf (patch)
tree: aa4e01b51d72b8344b2e045fb8a3e10f634ba320 /modules/system/security/ssh.nix
parent: hosts/tahoe: enable rsync-ing backups to rsync.net (diff)
download: world-be1e5e4e42e91c9fab572a8b13ac6b1334cff0cf.tar.gz
1 files changed, 17 insertions, 0 deletions
diff --git a/modules/system/security/ssh.nix b/modules/system/security/ssh.nix
new file mode 100644
index 0000000..14cbf5d
--- /dev/null
+++ b/modules/system/security/ssh.nix
@@ -0,0 +1,17 @@
+{ ... }:
+
+{
+  programs.ssh = {
+    # $ ssh-keyscan example.com
+    knownHosts = {
+      github = {
+        hostNames = [ "github.com" ];
+        publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl";
+      };
+      rsync = {
+        hostNames = [ "de2664.rsync.net" ];
+        publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIObQN4P/deJ/k4P4kXh6a9K4Q89qdyywYetp9h3nwfPo";
+      };
+    };
+  };
+}
author	Franck Cuny <franck@fcuny.net>	2023-04-30 11:32:09 -0700
committer	Franck Cuny <franck@fcuny.net>	2023-04-30 14:40:13 -0700
commit	be1e5e4e42e91c9fab572a8b13ac6b1334cff0cf (patch)
tree	aa4e01b51d72b8344b2e045fb8a3e10f634ba320 /modules/system/security/ssh.nix
parent	hosts/tahoe: enable rsync-ing backups to rsync.net (diff)
download	world-be1e5e4e42e91c9fab572a8b13ac6b1334cff0cf.tar.gz