refactor: update kernel conf & add root SSH keys

systems/rescue-iso/default.nix

@@ -2,8 +2,7 @@
 , pkgs
 , inputs
 , ...
-}:
+}: {
-{
   imports = [
     "${inputs.nixpkgs}/nixos/modules/installer/cd-dvd/installation-cd-graphical-plasma5.nix"
     "${inputs.nixpkgs}/nixos/modules/installer/cd-dvd/channel.nix"
@@ -24,27 +23,39 @@
       version = "6.12-rc3";
       kernelPatches = pkgs.callPackage "${inputs.nixpkgs}/pkgs/os-specific/linux/kernel/patches.nix" { };
       ref = "6efbea77b390604a7be7364583e19cd2d6a1291b";
-      linux_mainline = { buildLinux, fetchzip, ... }@args: buildLinux {
+      linux_mainline = { buildLinux, fetchzip, ... } @ args:
-        version = version;
+        buildLinux {
-        src = fetchzip {
+          version = version;
-          url = "https://git.kernel.org/torvalds/t/linux-${ref}.tar.gz";
+          src = fetchzip {
-          hash = "sha256-TP1sBMr34gAfIWD/LBlhorSebABUYsQE4OBuDFb348c=";
+            url = "https://git.kernel.org/torvalds/t/linux-${ref}.tar.gz";
+            hash = "sha256-TP1sBMr34gAfIWD/LBlhorSebABUYsQE4OBuDFb348c=";
+          };
+          modDirVersion = lib.versions.pad 3 version;
+          kernelPatches = [
+            kernelPatches.bridge_stp_helper
+            kernelPatches.request_key_helper
+          ];
+          extraMeta.branch = "master";
         };
-        modDirVersion = lib.versions.pad 3 version;
+      linuxMainlinePkg = pkgs.callPackage linux_mainline { };
-        kernelPatches = [
-          kernelPatches.bridge_stp_helper
-          kernelPatches.request_key_helper
-        ];
-        extraMeta.branch = "master";
-      };
-      linuxMainlinePkg = (pkgs.callPackage linux_mainline { });
       linuxMainlinePkgs = pkgs.recurseIntoAttrs (pkgs.linuxPackagesFor linuxMainlinePkg);
     in
     {
       kernelPackages = linuxMainlinePkgs;
-      supportedFilesystems = lib.mkForce [ "bcachefs" "btrfs" "reiserfs" "vfat" "f2fs" "xfs" "ntfs" "cifs" ];
+      supportedFilesystems = lib.mkForce [ "bcachefs" "btrfs" "vfat" "f2fs" "xfs" "ntfs" "cifs" ];
     };
 
+  users.users.root.openssh.authorizedKeys.keys = [
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO4xz3EgIRiRb/gmnCSq17kHd4MLilf05zYOFZrwOIrA tristand@nixos-fw16"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGDS/4JFRaAPoUaDiwDRbbNoaJqsBzaE+DEdaQH9OezM root@nixos-fw16"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHowJtKj3ohrYjyeWwQ8Lj6UMSPI390SwLRuVIlojcGM tristand@nixos-desk"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDP8ztBIgQsYh7LefSKtuDRYDWNheZWbmIr51T/Np/jc tristand@nixos-pulse"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ/tkVxnPZB+C6sK9A12pUsB38OhXieMNaij6pC3foSH admin@vault81.de"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMuH8L7mQDg86uJME6jndOu4niwLMASuJKpdbJU8Hfet tristan+desktop@vault81.de"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKokTPK/Gm30kqFAd+u5AT0BL7bG/eNt6pmGf40U8j03 arch-h1"
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKJ6wPntg8+kVLU4M+ykRuBb37SQd1csUtO3ZIStoW+4 root@he2.vault82.de"
+  ];
+
   users.extraUsers.root.hashedPassword = "$y$j9T$6eIwRNXAtlsVCP4x8GrQi1$PDbhjsbOGyIArOYtxtgc6u.w7I.M4iZbfk3pc7a4b93"; # nixos
   users.extraUsers.root.initialPassword = lib.mkForce null;
   users.extraUsers.root.initialHashedPassword = lib.mkForce null;