From b665f667410a56de22155a890615854eca6274fc Mon Sep 17 00:00:00 2001 From: Tristan Druyen Date: Wed, 21 Aug 2024 12:13:52 +0200 Subject: [PATCH] Update ssh pubkeys --- systems/nixos-desk/default.nix | 2 +- systems/nixos-pulse/default.nix | 7 +++- users/default.nix | 65 +++++++++++++++++++++------------ 3 files changed, 49 insertions(+), 25 deletions(-) diff --git a/systems/nixos-desk/default.nix b/systems/nixos-desk/default.nix index 71af689..5e56504 100644 --- a/systems/nixos-desk/default.nix +++ b/systems/nixos-desk/default.nix @@ -36,7 +36,7 @@ "kvm" "nixos-test" "gccarch-x86-64-v3" - "gccarch-znver3" + "gccarch-znver2" ]; boot = { kernelPackages = pkgs.pkgsx86_64_v3.linuxPackages_cachyos; diff --git a/systems/nixos-pulse/default.nix b/systems/nixos-pulse/default.nix index 3ac06d1..e5997e4 100644 --- a/systems/nixos-pulse/default.nix +++ b/systems/nixos-pulse/default.nix @@ -71,6 +71,9 @@ home = "/home/tristand"; hashedPassword = "$6$Wj.XY8JgH5EWuog4$HnbtPJXDEqKXFrzkPVEjih3PytcpBCrkfL7TAwkXd0IFced7kGMlZNliNsAqQ3XqfyUzAYiiKTIqoPVJEk.s.."; openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO4xz3EgIRiRb/gmnCSq17kHd4MLilf05zYOFZrwOIrA tristand@nixos-fw16" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGDS/4JFRaAPoUaDiwDRbbNoaJqsBzaE+DEdaQH9OezM root@nixos-fw16" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIRFEtmoq36QmvAwv/xIVdvaf+B9Scbm5cUFFkP/c1nS root@nixos-f16" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHowJtKj3ohrYjyeWwQ8Lj6UMSPI390SwLRuVIlojcGM tristand@nixos-desk" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO4fBDj1/He/uimO97RgjGWZLAimTrLmIlYS2ekD73GC tristan@arch-pulse" "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDP8ztBIgQsYh7LefSKtuDRYDWNheZWbmIr51T/Np/jc tristand@nixos-pulse" @@ -87,7 +90,9 @@ extraGroups = [ "docker" "networkmanager" "wheel" ]; shell = pkgs.bash; openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGDS/4JFRaAPoUaDiwDRbbNoaJqsBzaE+DEdaQH9OezM root@nixos-fw16" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO4xz3EgIRiRb/gmnCSq17kHd4MLilf05zYOFZrwOIrA tristand@nixos-fw16" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGDS/4JFRaAPoUaDiwDRbbNoaJqsBzaE+DEdaQH9OezM root@nixos-fw16" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIRFEtmoq36QmvAwv/xIVdvaf+B9Scbm5cUFFkP/c1nS root@nixos-f16" ]; }; }; diff --git a/users/default.nix b/users/default.nix index 262e459..a872e22 100644 --- a/users/default.nix +++ b/users/default.nix @@ -5,30 +5,49 @@ , lib , ... }: { - users.users.tester = { - isNormalUser = true; - description = "Testa Test"; - extraGroups = [ "audio" "corectrl" "docker" "networkmanager" "i2c" "wheel" "libvirtd" "qemu-libvirtd" "input" ]; - shell = pkgs.fish; - home = "/home/tester"; - hashedPassword = "$6$YJT50/Za3FSFQuNT$0orD1URwoURoRKO9sIAsUiIHxOtEOjmPXn5Mp7vAmIYlgVmI629qS7YPUInmztEtEorRpkSMbV3.fCy9NQhKX."; - }; - users.users.tristand = { - isNormalUser = true; - description = "Tristan Druyen"; - extraGroups = [ "audio" "corectrl" "dialout" "docker" "networkmanager" "i2c" "wheel" "libvirtd" "qemu-libvirtd" "input" ]; - shell = pkgs.fish; - home = "/home/tristand"; - hashedPassword = "$6$Wj.XY8JgH5EWuog4$HnbtPJXDEqKXFrzkPVEjih3PytcpBCrkfL7TAwkXd0IFced7kGMlZNliNsAqQ3XqfyUzAYiiKTIqoPVJEk.s.."; - openssh.authorizedKeys.keys = [ - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHowJtKj3ohrYjyeWwQ8Lj6UMSPI390SwLRuVIlojcGM tristand@nixos-desk" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO4fBDj1/He/uimO97RgjGWZLAimTrLmIlYS2ekD73GC tristan@arch-pulse" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDP8ztBIgQsYh7LefSKtuDRYDWNheZWbmIr51T/Np/jc tristand@nixos-pulse" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ/tkVxnPZB+C6sK9A12pUsB38OhXieMNaij6pC3foSH admin@vault81.de" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMuH8L7mQDg86uJME6jndOu4niwLMASuJKpdbJU8Hfet tristan+desktop@vault81.de" - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKJ6wPntg8+kVLU4M+ykRuBb37SQd1csUtO3ZIStoW+4 root@he2.vault82.de" - ]; + users.users = { + tester = { + isNormalUser = true; + description = "Testa Test"; + extraGroups = [ "audio" "corectrl" "docker" "networkmanager" "i2c" "wheel" "libvirtd" "qemu-libvirtd" "input" ]; + shell = pkgs.fish; + home = "/home/tester"; + hashedPassword = "$6$YJT50/Za3FSFQuNT$0orD1URwoURoRKO9sIAsUiIHxOtEOjmPXn5Mp7vAmIYlgVmI629qS7YPUInmztEtEorRpkSMbV3.fCy9NQhKX."; + }; + tristand = { + isNormalUser = true; + description = "Tristan Druyen"; + extraGroups = [ "audio" "corectrl" "dialout" "docker" "networkmanager" "i2c" "wheel" "libvirtd" "qemu-libvirtd" "input" ]; + shell = pkgs.fish; + home = "/home/tristand"; + hashedPassword = "$6$Wj.XY8JgH5EWuog4$HnbtPJXDEqKXFrzkPVEjih3PytcpBCrkfL7TAwkXd0IFced7kGMlZNliNsAqQ3XqfyUzAYiiKTIqoPVJEk.s.."; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO4xz3EgIRiRb/gmnCSq17kHd4MLilf05zYOFZrwOIrA tristand@nixos-fw16" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGDS/4JFRaAPoUaDiwDRbbNoaJqsBzaE+DEdaQH9OezM root@nixos-fw16" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIRFEtmoq36QmvAwv/xIVdvaf+B9Scbm5cUFFkP/c1nS root@nixos-f16" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIHowJtKj3ohrYjyeWwQ8Lj6UMSPI390SwLRuVIlojcGM tristand@nixos-desk" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO4fBDj1/He/uimO97RgjGWZLAimTrLmIlYS2ekD73GC tristan@arch-pulse" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIDP8ztBIgQsYh7LefSKtuDRYDWNheZWbmIr51T/Np/jc tristand@nixos-pulse" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJ/tkVxnPZB+C6sK9A12pUsB38OhXieMNaij6pC3foSH admin@vault81.de" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMuH8L7mQDg86uJME6jndOu4niwLMASuJKpdbJU8Hfet tristan+desktop@vault81.de" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKJ6wPntg8+kVLU4M+ykRuBb37SQd1csUtO3ZIStoW+4 root@he2.vault82.de" + ]; + }; + + nixremote = { + isSystemUser = true; + group = "nixremote"; + description = "remote builder user"; + extraGroups = [ "docker" "networkmanager" "wheel" ]; + shell = pkgs.bash; + openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO4xz3EgIRiRb/gmnCSq17kHd4MLilf05zYOFZrwOIrA tristand@nixos-fw16" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGDS/4JFRaAPoUaDiwDRbbNoaJqsBzaE+DEdaQH9OezM root@nixos-fw16" + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIIRFEtmoq36QmvAwv/xIVdvaf+B9Scbm5cUFFkP/c1nS root@nixos-f16" + ]; + }; }; + users.groups.nixremote = { }; home-manager = { useUserPackages = true;