Automated installation of host keys

This commit is contained in:
Nicolas Jeannerod 2024-11-08 16:21:52 +01:00
parent 00935e8501
commit d719a974c2
Signed by untrusted user: Niols
GPG key ID: 35DB9EC8886E1CB8
2 changed files with 23 additions and 6 deletions

View file

@ -1004,11 +1004,11 @@
"pixelfed": "pixelfed"
},
"locked": {
"lastModified": 1730977329,
"narHash": "sha256-1/txLla4VANl2g/oyf5ehG5QSGauO/yvOzrblqzJzN8=",
"lastModified": 1731083725,
"narHash": "sha256-+wmQoX+EXcxM/94vmc91hvR750SGXFsx3WhSYxHwMHA=",
"ref": "refs/heads/main",
"rev": "cd194f818df0f1752da4ef15c1e435586d28b596",
"revCount": 97,
"rev": "2d522f51f5b61041a2468ff3bb4eb38704081dbc",
"revCount": 99,
"type": "git",
"url": "https://git.fediversity.eu/fediversity/simple-nixos-fediverse.git"
},

View file

@ -81,18 +81,35 @@
let
inherit (builtins) mapAttrs;
in
mapAttrs (_: snf.mkInstaller nixpkgs) self.nixosConfigurations.provisioning;
mapAttrs (
vmname:
snf.mkInstaller {
inherit nixpkgs;
hostKeys = {
rsa = {
private = ./hostKeys/${vmname}/ssh_host_rsa_key;
public = ./hostKeys/${vmname}/ssh_host_rsa_key.pub;
};
ed25519 = {
private = ./hostKeys/${vmname}/ssh_host_ed25519_key;
public = ./hostKeys/${vmname}/ssh_host_ed25519_key.pub;
};
};
}
) self.nixosConfigurations.provisioning;
nixops4Deployments.default =
{ providers, ... }:
let
inherit (builtins) readFile;
makeProcolixVmResource = vmid: vmconfig: {
type = providers.local.exec;
imports = [ inputs.nixops4-nixos.modules.nixops4Resource.nixos ];
ssh.opts = "";
ssh.host = "95.215.187.${vmid}";
ssh.hostPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOW+f+PUuOBVP4IongWpryzYiOwt19smufZksSwnSPyo";
ssh.hostPublicKey = readFile ./hostKeys/fedi${vmid}/ssh_host_ed25519_key.pub;
nixpkgs = inputs.nixpkgs;
nixos.module =