set hostname and correct ssh key

author: Franck Cuny <franck@fcuny.net> 2024-12-09 08:06:21 -0800
committer: Franck Cuny <franck@fcuny.net> 2024-12-09 08:06:21 -0800
commit: 5e5b5322f6b648ab01bf204e9e655721d748f7e8 (patch)
tree: 4084d13973eecd3128583d22510968f635cecc63
parent: move the configuration for hetzner under machines (diff)
download: infra-5e5b5322f6b648ab01bf204e9e655721d748f7e8.tar.gz
6 files changed, 54 insertions, 39 deletions
diff --git a/flake.nix b/flake.nix
index da3fc0a..178bc25 100644
--- a/flake.nix
+++ b/flake.nix
@@ -38,33 +38,40 @@
     , devshell
     , ...
     }@inputs:
-    flake-utils.lib.eachDefaultSystem (system:
+    flake-utils.lib.eachDefaultSystem
+      (system:
+      let
+        pkgs = import nixpkgs {
+          inherit system;
+          overlays = [ devshell.overlays.default ];
+        };
+
+      in
+      {
+        checks = {
+          pre-commit-check = pre-commit-hooks.lib.${system}.run {
+            src = ./.;
+            hooks = {
+              nixpkgs-fmt.enable = true;
+              check-merge-conflicts.enable = true;
+              end-of-file-fixer.enable = true;
+            };
+          };
+        };
+
+        devShells.default = pkgs.devshell.mkShell {
+          packages = with pkgs; [ just ];
+          env = [{
+            name = "DEVSHELL_NO_MOTD";
+            value = "1";
+          }];
+        };
+
+      }) // (flake-utils.lib.eachDefaultSystemPassThrough (system:
     let
-      pkgs = import nixpkgs {
-        inherit system;
-        overlays = [ devshell.overlays.default ];
-      };
       mkSystem = import ./nix/lib/mkSystem.nix { inherit nixpkgs inputs; };
     in
     {
-      checks = {
-        pre-commit-check = pre-commit-hooks.lib.${system}.run {
-          src = ./.;
-          hooks = {
-            nixpkgs-fmt.enable = true;
-            check-merge-conflicts.enable = true;
-            end-of-file-fixer.enable = true;
-          };
-        };
-      };
-
-      devShells.default = pkgs.devshell.mkShell {
-        packages = with pkgs; [ just ];
-        env = [{
-          name = "DEVSHELL_NO_MOTD";
-          value = "1";
-        }];
-      };
 
       # a VM running on the MacBook Air
       nixosConfigurations.vm-aarch64 = mkSystem "vm-aarch64" {
@@ -92,10 +99,11 @@
       };
 
       # my work MacBook Pro
-      darwinConfigurations.macbook-pro-intel = mkSystem "macbook-pro-intel" {
-        system = "x86_64-darwin";
-        user = "fcuny";
-        darwin = true;
-      };
-    });
+      darwinConfigurations.macbook-pro-intel =
+        mkSystem "macbook-pro-intel" {
+          system = "x86_64-darwin";
+          user = "fcuny";
+          darwin = true;
+        };
+    }));
 }
diff --git a/nix/machines/vm-aarch64.nix b/nix/machines/vm-aarch64.nix
index 1c2e479..ac9c74e 100644
--- a/nix/machines/vm-aarch64.nix
+++ b/nix/machines/vm-aarch64.nix
@@ -1 +1,4 @@
-{ ... }: { imports = [ ./hardware/vm-aarch64-utm.nix ./vm-shared.nix ]; }
+{ ... }: {
+  imports = [ ./hardware/vm-aarch64-utm.nix ./vm-shared.nix ];
+  networking.hostName = "vm-aarch64";
+}
diff --git a/nix/machines/vm-hetzner.nix b/nix/machines/vm-hetzner.nix
index 03c7135..a268779 100644
--- a/nix/machines/vm-hetzner.nix
+++ b/nix/machines/vm-hetzner.nix
@@ -4,7 +4,7 @@
   boot.tmp.cleanOnBoot = true;
   zramSwap.enable = true;
 
-  networking.hostName = "fcuny";
+  networking.hostName = "vm-hetzner";
   networking.domain = "net";
 
   users.users.root.openssh.authorizedKeys.keys = [
diff --git a/nix/machines/vm-shared.nix b/nix/machines/vm-shared.nix
index bf26f38..0a1b4b2 100644
--- a/nix/machines/vm-shared.nix
+++ b/nix/machines/vm-shared.nix
@@ -13,8 +13,6 @@
   boot.loader.systemd-boot.enable = true;
   boot.loader.efi.canTouchEfiVariables = true;
 
-  networking.hostName = "dev";
-
   time.timeZone = "America/Los_Angeles";
 
   # Don't require password for sudo
@@ -38,6 +36,10 @@
   services.openssh.settings.PasswordAuthentication = true;
   services.openssh.settings.PermitRootLogin = "no";
 
+  users.users.root.openssh.authorizedKeys.keys = [
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINBkozy+X96u5ciX766bJ/AyQ3xm1tXZTIr5+4PVFZFi"
+  ];
+
   networking.firewall.enable = false;
 
   # This value determines the NixOS release from which the default
diff --git a/nix/machines/vm-synology.nix b/nix/machines/vm-synology.nix
index a38af50..643c821 100644
--- a/nix/machines/vm-synology.nix
+++ b/nix/machines/vm-synology.nix
@@ -1 +1,4 @@
-{ ... }: { imports = [ ./hardware/vm-synology.nix ./vm-shared.nix ]; }
+{ ... }: {
+  imports = [ ./hardware/vm-synology.nix ./vm-shared.nix ];
+  networking.hostName = "vm-synology";
+}
diff --git a/nix/users/fcuny/nixos.nix b/nix/users/fcuny/nixos.nix
index 7d7eee5..c030327 100644
--- a/nix/users/fcuny/nixos.nix
+++ b/nix/users/fcuny/nixos.nix
@@ -1,8 +1,5 @@
 { pkgs, ... }: {
-  # https://github.com/nix-community/home-manager/pull/2408
-  environment.pathsToLink = [ "/share/fish" ];
-
-  # Add ~/.local/bin to PATH
+  # add ~/.local/bin to PATH
   environment.localBinInPath = true;
 
   # we're using fish as our shell
@@ -13,9 +10,11 @@
     home = "/home/fcuny";
     extraGroups = [ "docker" "wheel" ];
     shell = pkgs.fish;
+    hashedPassword =
+      "$6$U4GoqhuHgdr.h0JP$C/BKslQfOpPJ5lUzrTeQh6i859R/jEKYSF9MaRhWYo5VG6aCDKsvb5xKSifH4nQt6okJixG9ceFh..Mnt93Jt/";
     openssh.authorizedKeys.keys = [
+      # key `nixos` in 1password
       "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAINBkozy+X96u5ciX766bJ/AyQ3xm1tXZTIr5+4PVFZFi"
-      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIFP4IsfG32WsmXJNcjsmuahhBHFQ6NulngEMaxcvDd/C"
     ];
   };
 }
author	Franck Cuny <franck@fcuny.net>	2024-12-09 08:06:21 -0800
committer	Franck Cuny <franck@fcuny.net>	2024-12-09 08:06:21 -0800
commit	5e5b5322f6b648ab01bf204e9e655721d748f7e8 (patch)
tree	4084d13973eecd3128583d22510968f635cecc63
parent	move the configuration for hetzner under machines (diff)
download	infra-5e5b5322f6b648ab01bf204e9e655721d748f7e8.tar.gz