Olivier
2a911b057b
- Introduced a new `navi` module for managing deployments across multiple hosts. - Enhanced SSH inventory management to support public key application for authorized hosts. - Configured system deployment builder for seamless integration with Navi. - Updated various host configurations to enable deployment capabilities and streamline SSH access.
36 lines
950 B
Nix
36 lines
950 B
Nix
{ self, ... }: {
|
|
flake.nixosModules.sshInbound = {
|
|
config,
|
|
lib,
|
|
...
|
|
}:
|
|
let
|
|
cfg = config.chiasson.ssh.inbound;
|
|
inventory = self.lib.sshInventory;
|
|
in
|
|
{
|
|
options.chiasson.ssh.inbound = {
|
|
enable = lib.mkEnableOption "Apply SSH inventory public keys to `authorized_keys`.";
|
|
userAuthorizedHosts = lib.mkOption {
|
|
type = lib.types.attrsOf (lib.types.either (lib.types.enum [ "all" ]) (lib.types.listOf lib.types.str));
|
|
default = { };
|
|
example = {
|
|
olivier = "all";
|
|
admin = [ "14900k" "t2mbp" ];
|
|
};
|
|
description = ''
|
|
Catalog users that receive the SSH inventory public keys in `authorized_keys`.
|
|
'';
|
|
};
|
|
};
|
|
|
|
config = lib.mkIf cfg.enable {
|
|
users.users = lib.mapAttrs
|
|
(_user: _selection: {
|
|
openssh.authorizedKeys.keys = inventory.authorizedKeys;
|
|
})
|
|
cfg.userAuthorizedHosts;
|
|
};
|
|
};
|
|
}
|