From 2e6a6722c29a8d6345ab81dd72354ea41a8474ac Mon Sep 17 00:00:00 2001
From: KJ Tsanaktsidis <kj@kjtsanaktsidis.id.au>
Date: Tue, 6 Jan 2026 22:41:58 +1100
Subject: non sb working

---
 labsrv01/home.nix | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

(limited to 'labsrv01/home.nix')

diff --git a/labsrv01/home.nix b/labsrv01/home.nix
index 72824ba..b016b9e 100644
--- a/labsrv01/home.nix
+++ b/labsrv01/home.nix
@@ -53,11 +53,6 @@
     };
   };
 
-  # SSH public key (private key is managed by sops)
-  home.file.".ssh/id_ed25519.pub" = {
-    text = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMtGcEXu5S/0zsF6Suxc65DmGFGt1JWRnqadoVhErOed kjtsanaktsidis@KJMacbookGroq.local";
-  };
-
   # Zsh configuration
   programs.zsh = {
     enable = true;
@@ -88,7 +83,14 @@
   };
   home.activation.importGpgPrivateKey = config.lib.dag.entryAfter ["sops-nix" "onFilesChange"] ''
     export GNUPGHOME="${config.programs.gpg.homedir}"
-    $DRY_RUN_CMD ${pkgs.gnupg}/bin/gpg --batch --verbose --trust-model always --import "${config.sops.secrets.kj_gpg_private_key.path}"
+    run ${pkgs.gnupg}/bin/gpg --batch --verbose --trust-model always --import "${config.sops.secrets.kj_gpg_private_key.path}"
     echo "GPG private key imported from sops secret"
   '';
+  home.activation.setSSHPublicKey = config.lib.dag.entryAfter ["sops-nix" "onFilesChange"] ''
+    writeSSHKeygenPublicPart() {
+      ${pkgs.openssh}/bin/ssh-keygen -y -f ~/.ssh/id_ed25519 | tee ~/.ssh/id_ed25519.pub
+    }
+    echo "Setting SSH public key from private part"
+    run writeSSHKeygenPublicPart
+  '';
 }
-- 
cgit v1.2.3