From be1e5e4e42e91c9fab572a8b13ac6b1334cff0cf Mon Sep 17 00:00:00 2001
From: Franck Cuny <franck@fcuny.net>
Date: Sun, 30 Apr 2023 11:32:09 -0700
Subject: modules/security: move ssh configuration to a dedicated module

---
 modules/system/security/default.nix | 16 ++--------------
 modules/system/security/ssh.nix     | 17 +++++++++++++++++
 2 files changed, 19 insertions(+), 14 deletions(-)
 create mode 100644 modules/system/security/ssh.nix

(limited to 'modules')

diff --git a/modules/system/security/default.nix b/modules/system/security/default.nix
index 704aa64..debcd9e 100644
--- a/modules/system/security/default.nix
+++ b/modules/system/security/default.nix
@@ -1,20 +1,8 @@
 { ... }:
 
 {
+  imports = [ ./ssh.nix ];
+
   security.sudo.wheelNeedsPassword = false;
   security.polkit.enable = true;
-
-  programs.ssh = {
-    # $ ssh-keyscan example.com
-    knownHosts = {
-      github = {
-        hostNames = [ "github.com" ];
-        publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl";
-      };
-      "de2664.rsync.net" = {
-        hostNames = [ "de2664.rsync.net" ];
-        publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIObQN4P/deJ/k4P4kXh6a9K4Q89qdyywYetp9h3nwfPo";
-      };
-    };
-  };
 }
diff --git a/modules/system/security/ssh.nix b/modules/system/security/ssh.nix
new file mode 100644
index 0000000..14cbf5d
--- /dev/null
+++ b/modules/system/security/ssh.nix
@@ -0,0 +1,17 @@
+{ ... }:
+
+{
+  programs.ssh = {
+    # $ ssh-keyscan example.com
+    knownHosts = {
+      github = {
+        hostNames = [ "github.com" ];
+        publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl";
+      };
+      rsync = {
+        hostNames = [ "de2664.rsync.net" ];
+        publicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIObQN4P/deJ/k4P4kXh6a9K4Q89qdyywYetp9h3nwfPo";
+      };
+    };
+  };
+}
-- 
cgit 1.4.1