summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--krebs/3modules/makefu/default.nix3
-rw-r--r--makefu/1systems/gum/config.nix4
-rw-r--r--makefu/6tests/data/secrets/ssh_host_rsa_key0
3 files changed, 5 insertions, 2 deletions
diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix
index 0e6e5e7e..401cba97 100644
--- a/krebs/3modules/makefu/default.nix
+++ b/krebs/3modules/makefu/default.nix
@@ -580,7 +580,8 @@ with import <stockholm/lib>;
'';
};
};
- ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
+ # configured manually
+ # ssh.privkey.path = <secrets/ssh_host_ed25519_key>;
ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcxWFEPzke/Sdd9qNX6rSJgXal8NmINYajpFCxXfYdj root@gum";
};
shoney = rec {
diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix
index e1357ff0..e769b1e2 100644
--- a/makefu/1systems/gum/config.nix
+++ b/makefu/1systems/gum/config.nix
@@ -81,7 +81,9 @@ in {
];
makefu.dl-dir = "/var/download";
-
+ services.openssh.hostKeys = [
+ { bits = 4096; path = <secrets/ssh_host_rsa_key>; type = "rsa"; }
+ { path = <secrets/ssh_host_ed25519_key>; type = "ed25519"; } ];
###### stable
services.nginx.virtualHosts.cgit.serverAliases = [ "cgit.euer.krebsco.de" ];
krebs.build.host = config.krebs.hosts.gum;
diff --git a/makefu/6tests/data/secrets/ssh_host_rsa_key b/makefu/6tests/data/secrets/ssh_host_rsa_key
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/makefu/6tests/data/secrets/ssh_host_rsa_key