diff options
| -rw-r--r-- | krebs/3modules/makefu/default.nix | 3 | ||||
| -rw-r--r-- | makefu/1systems/gum/config.nix | 4 | ||||
| -rw-r--r-- | makefu/6tests/data/secrets/ssh_host_rsa_key | 0 |
3 files changed, 5 insertions, 2 deletions
diff --git a/krebs/3modules/makefu/default.nix b/krebs/3modules/makefu/default.nix index 0e6e5e7e..401cba97 100644 --- a/krebs/3modules/makefu/default.nix +++ b/krebs/3modules/makefu/default.nix @@ -580,7 +580,8 @@ with import <stockholm/lib>; ''; }; }; - ssh.privkey.path = <secrets/ssh_host_ed25519_key>; + # configured manually + # ssh.privkey.path = <secrets/ssh_host_ed25519_key>; ssh.pubkey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIcxWFEPzke/Sdd9qNX6rSJgXal8NmINYajpFCxXfYdj root@gum"; }; shoney = rec { diff --git a/makefu/1systems/gum/config.nix b/makefu/1systems/gum/config.nix index e1357ff0..e769b1e2 100644 --- a/makefu/1systems/gum/config.nix +++ b/makefu/1systems/gum/config.nix @@ -81,7 +81,9 @@ in { ]; makefu.dl-dir = "/var/download"; - + services.openssh.hostKeys = [ + { bits = 4096; path = <secrets/ssh_host_rsa_key>; type = "rsa"; } + { path = <secrets/ssh_host_ed25519_key>; type = "ed25519"; } ]; ###### stable services.nginx.virtualHosts.cgit.serverAliases = [ "cgit.euer.krebsco.de" ]; krebs.build.host = config.krebs.hosts.gum; diff --git a/makefu/6tests/data/secrets/ssh_host_rsa_key b/makefu/6tests/data/secrets/ssh_host_rsa_key new file mode 100644 index 00000000..e69de29b --- /dev/null +++ b/makefu/6tests/data/secrets/ssh_host_rsa_key |