summaryrefslogtreecommitdiff
path: root/labsrv01/home.nix
diff options
context:
space:
mode:
Diffstat (limited to 'labsrv01/home.nix')
-rw-r--r--labsrv01/home.nix14
1 files changed, 8 insertions, 6 deletions
diff --git a/labsrv01/home.nix b/labsrv01/home.nix
index 72824ba..b016b9e 100644
--- a/labsrv01/home.nix
+++ b/labsrv01/home.nix
@@ -53,11 +53,6 @@
};
};
- # SSH public key (private key is managed by sops)
- home.file.".ssh/id_ed25519.pub" = {
- text = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMtGcEXu5S/0zsF6Suxc65DmGFGt1JWRnqadoVhErOed kjtsanaktsidis@KJMacbookGroq.local";
- };
-
# Zsh configuration
programs.zsh = {
enable = true;
@@ -88,7 +83,14 @@
};
home.activation.importGpgPrivateKey = config.lib.dag.entryAfter ["sops-nix" "onFilesChange"] ''
export GNUPGHOME="${config.programs.gpg.homedir}"
- $DRY_RUN_CMD ${pkgs.gnupg}/bin/gpg --batch --verbose --trust-model always --import "${config.sops.secrets.kj_gpg_private_key.path}"
+ run ${pkgs.gnupg}/bin/gpg --batch --verbose --trust-model always --import "${config.sops.secrets.kj_gpg_private_key.path}"
echo "GPG private key imported from sops secret"
'';
+ home.activation.setSSHPublicKey = config.lib.dag.entryAfter ["sops-nix" "onFilesChange"] ''
+ writeSSHKeygenPublicPart() {
+ ${pkgs.openssh}/bin/ssh-keygen -y -f ~/.ssh/id_ed25519 | tee ~/.ssh/id_ed25519.pub
+ }
+ echo "Setting SSH public key from private part"
+ run writeSSHKeygenPublicPart
+ '';
}
generated by cgit v1.2.3 (git 2.25.1) at 2026-01-11 17:01:26 +0000