Fix SSH
@@ -1,19 +1,10 @@
|
||||
{ config, lib, pkgs, ... }: let
|
||||
systemsDir = ../../../../../systems;
|
||||
systemNames = lib.attrNames (lib.filterAttrs
|
||||
(name: type: type == "directory" && builtins.pathExists (systemsDir + "/${name}/cfg.nix"))
|
||||
(builtins.readDir systemsDir));
|
||||
|
||||
# Use a helper to check if the attribute path exists safely
|
||||
# This prevents the "attribute 'net' missing" error
|
||||
isValidPeer = p:
|
||||
(p ? syscfg.net.wg.enable) &&
|
||||
(p.syscfg.net.wg.enable == true) &&
|
||||
(p.syscfg.net.wg.pubkey != config.syscfg.net.wg.pubkey);
|
||||
|
||||
importedConfigs = map (name: import (systemsDir + "/${name}/cfg.nix")) systemNames;
|
||||
|
||||
activePeers = builtins.filter isValidPeer importedConfigs;
|
||||
activePeers = builtins.filter isValidPeer config.syscfg.peers;
|
||||
in
|
||||
{
|
||||
imports = [ ./forwarding.nix ];
|
||||
|
||||
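Review bot: `isValidPeer` checks only that `syscfg.net.wg.enable` exists before it reads `p.syscfg.net.wg.pubkey`, and the list it filters now comes from `config.syscfg.peers`, an option that any module can set. A peer entry that enables WireGuard but carries no `pubkey` would abort evaluation with a missing-attribute error, and an entry whose `pubkey` equals this host's is dropped silently as if it were the host itself. Adding `(p ? syscfg.net.wg.pubkey) &&` ahead of the comparison would make the filter safe for any entry. The code that consumes `activePeers` lies outside the hunk.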
@@ -1,19 +1,4 @@
|
||||
{ config, pkgs, ... }: {
|
||||
sops.secrets.INFOMANIAK_API_KEY = { sopsFile = ./server.yaml; };
|
||||
sops.secrets."${config.syscfg.hostname}_ssh_pub" = {
|
||||
mode = "0400";
|
||||
owner = config.users.users.${config.syscfg.defaultUser}.name;
|
||||
group = config.users.users.${config.syscfg.defaultUser}.group;
|
||||
};
|
||||
sops.secrets."iriy_ssh_pub" = {
|
||||
mode = "0444";
|
||||
owner = config.users.users.${config.syscfg.defaultUser}.name;
|
||||
group = config.users.users.${config.syscfg.defaultUser}.group;
|
||||
};
|
||||
sops.secrets."valinor_ssh_pub" = {
|
||||
mode = "0444";
|
||||
owner = config.users.users.${config.syscfg.defaultUser}.name;
|
||||
group = config.users.users.${config.syscfg.defaultUser}.group;
|
||||
};
|
||||
sops.secrets."${config.syscfg.hostname}_wg_priv" = { };
|
||||
}
|
||||
|
||||
File diff suppressed because one or more lines are too long
@@ -22,16 +22,7 @@ in {
|
||||
owner = config.users.users.${config.syscfg.defaultUser}.name;
|
||||
group = config.users.users.${config.syscfg.defaultUser}.group;
|
||||
};
|
||||
"${config.syscfg.hostname}_ssh_pub" = {
|
||||
mode = "0444";
|
||||
owner = config.users.users.${config.syscfg.defaultUser}.name;
|
||||
group = config.users.users.${config.syscfg.defaultUser}.group;
|
||||
};
|
||||
"${config.syscfg.hostname}_wg_priv" = { };
|
||||
}
|
||||
(lib.genAttrs
|
||||
(map (peer: "${peer}_ssh_pub") ["iriy" "avalon" "valinor"])
|
||||
(_: { mode = "0444"; })
|
||||
)
|
||||
];
|
||||
}
|
||||
|
||||
@@ -1,7 +1,13 @@
|
||||
{ inputs, lib, ... }:
|
||||
let
|
||||
systemsDir = ../../../systems;
|
||||
systemNames = lib.attrNames (lib.filterAttrs
|
||||
(name: type: type == "directory" && builtins.pathExists (systemsDir + "/${name}/cfg.nix"))
|
||||
(builtins.readDir systemsDir));
|
||||
|
||||
userOpt = with lib; {
|
||||
username = mkOption { type = types.str; };
|
||||
pubssh = mkOption { type = types.str; default=""; };
|
||||
wm = mkOption {
|
||||
type = types.enum [ "Wayland" "X11" "-" ];
|
||||
default = "-";
|
||||
@@ -138,6 +144,9 @@ in with lib; {
|
||||
type = types.listOf (types.submodule { options = userOpt; });
|
||||
default = [ ];
|
||||
};
|
||||
peers = mkOption {
|
||||
default = map (name: import (systemsDir + "/${name}/cfg.nix")) systemNames;
|
||||
};
|
||||
server = mkOption {
|
||||
type = types.oneOf [
|
||||
(types.attrs)
|
||||
|
||||
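Review bot: The `peers` option in the second hunk is declared with only a `default`, so it has no type and no description, and a value of any shape assigned to it reaches the WireGuard peer filter unchecked. Declaring `type = types.listOf types.attrs;` with a `description` (and a `defaultText`, since the default is computed from a directory listing) would make a malformed override fail at the option instead of deep inside a consumer. In the first hunk `pubssh` defaults to `""`; if it feeds an authorized-keys list (not visible here), `types.nullOr types.str` with `default = null` would let consumers skip absent keys instead of emitting an empty entry. Both option sets continue outside the hunks.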