From c538c5ad082b37e2cd74410caad4d6f5f1a7e4ef Mon Sep 17 00:00:00 2001
From: hektor
Date: Mon, 2 Feb 2026 18:34:39 +0100
Subject: [PATCH] fix: add public hostname to ssh config and refactor
---
 deploy/colmena.nix | 46 +++++++++++---------------------
 home/modules/ssh.nix | 18 ++++++++++---
 hosts/hecuba/default.nix | 1 +
 modules/ssh/authorized-keys.nix | 4 +++
 4 files changed, 35 insertions(+), 34 deletions(-)
diff --git a/deploy/colmena.nix b/deploy/colmena.nix
index 4bba12d..c32b127 100644
--- a/deploy/colmena.nix
+++ b/deploy/colmena.nix
@@ -3,6 +3,16 @@
 inputs,
 }:
+let
+ mkNode = hostname: tags: {
+ imports = [ ../hosts/${hostname} ];
+ deployment = {
+ targetHost = self.nixosConfigurations.${hostname}.config.ssh.publicHostname;
+ targetUser = self.nixosConfigurations.${hostname}.config.ssh.username;
+ inherit tags;
+ };
+ };
+in
 inputs.colmena.lib.makeHive {
 meta = {
 nixpkgs = import inputs.nixpkgs {
@@ -13,35 +23,9 @@ inputs.colmena.lib.makeHive {
 nodeSpecialArgs = builtins.mapAttrs (_: v: v._module.specialArgs or { }) self.nixosConfigurations;
 };
- astyanax = {
- imports = [ ../hosts/astyanax ];
- deployment.tags = [ "local" ];
- };
-
- andromache = {
- imports = [ ../hosts/andromache ];
- deployment.tags = [ "local" ];
- };
-
- vm = {
- imports = [ ../hosts/vm ];
- deployment.tags = [ "local" ];
- };
-
- hecuba = {
- imports = [ ../hosts/hecuba ];
- deployment = {
- targetHost = "server.hektormisplon.xyz";
- targetUser = "username";
- tags = [ "cloud" ];
- };
- };
-
- eetion = {
- imports = [ ../hosts/eetion ];
- deployment = {
- targetUser = "h";
- tags = [ "arm" ];
- };
- };
+ astyanax = mkNode "astyanax" [ "local" ];
+ andromache = mkNode "andromache" [ "local" ];
+ vm = mkNode "vm" [ "local" ];
+ hecuba = mkNode "hecuba" [ "cloud" ];
+ eetion = mkNode "eetion" [ "arm" ];
 }
diff --git a/home/modules/ssh.nix b/home/modules/ssh.nix
index 13eefba..988d55a 100644
--- a/home/modules/ssh.nix
+++ b/home/modules/ssh.nix
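Review bot: In `mkNode` (first hunk of deploy/colmena.nix), `targetHost` is assigned `config.ssh.publicHostname` unconditionally, and the option added in modules/ssh/authorized-keys.nix defaults to `""`, so astyanax, andromache, vm and eetion in the second hunk now receive an empty deployment target where the removed lines left `targetHost` unset. home/modules/ssh.nix guards the same value with `publicHostname != ""`; the helper needs the equivalent, e.g. `targetHost = let h = self.nixosConfigurations.${hostname}.config.ssh.publicHostname; in if h != "" then h else hostname;`, which I believe matches Colmena's default of using the node name. The helper also sets `targetUser` on the three local nodes, which did not set it before, so confirm the account named by `ssh.username` exists on those machines and is allowed to escalate privileges for activation.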
@@ -18,8 +18,20 @@ in
 enable = true;
 enableDefaultConfig = false;
- matchBlocks = lib.genAttrs hostsWithKeys (hostname: {
- host = hostname;
- });
+ matchBlocks = lib.genAttrs hostsWithKeys (
+ hostname:
+ let
+ hostConfig = outputs.nixosConfigurations.${hostname}.config;
+ publicHostname = hostConfig.ssh.publicHostname;
+ targetUser = hostConfig.ssh.username;
+ in
+ {
+ host = hostname;
+ user = targetUser;
+ }
+ // lib.optionalAttrs (publicHostname != "") {
+ hostname = publicHostname;
+ }
+ );
 };
 }
diff --git a/hosts/hecuba/default.nix b/hosts/hecuba/default.nix
index 6c9ff74..6da2a74 100644
--- a/hosts/hecuba/default.nix
+++ b/hosts/hecuba/default.nix
@@ -24,6 +24,7 @@ in
 networking.hostName = hostName;
 ssh.username = username;
+ ssh.publicHostname = "server.hektormisplon.xyz";
 ssh.authorizedHosts = [
 "andromache"
 "astyanax"
diff --git a/modules/ssh/authorized-keys.nix b/modules/ssh/authorized-keys.nix
index cf0286a..5226b68 100644
--- a/modules/ssh/authorized-keys.nix
+++ b/modules/ssh/authorized-keys.nix
@@ -9,6 +9,10 @@
 type = lib.types.str;
 default = "h";
 };
+ publicHostname = lib.mkOption {
+ type = lib.types.str;
+ default = "";
+ };
 };
 # auto generate authorized_keys from `authorizedHosts`
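Review bot: `outputs.nixosConfigurations.${hostname}.config` in home/modules/ssh.nix is dereferenced for every entry of `hostsWithKeys`, whose definition lies outside this hunk; if that list can name a machine that has keys but no NixOS configuration in the flake, evaluation of the whole home configuration aborts with a missing-attribute error. Filtering first keeps the generated client config limited to hosts the flake actually describes: `lib.genAttrs (builtins.filter (h: builtins.hasAttr h outputs.nixosConfigurations) hostsWithKeys) (...)`. A one-line comment above the `let`, such as `# user and hostname are taken from the target host's own ssh.* options`, would also help, because this block now decides which account and DNS name every connection to that alias uses.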
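Review bot: The new `publicHostname` option in modules/ssh/authorized-keys.nix has no `description` and uses `""` as its "not set" value, a convention every consumer has to know and test for; home/modules/ssh.nix does so, while deploy/colmena.nix in this patch does not. I would add `description = "Public DNS name used to reach this host over SSH; empty when the host is only reached by its node name.";` and consider `type = lib.types.nullOr lib.types.str; default = null;`, with the consumers' checks adjusted to match, so that a missing value cannot be passed on as a hostname. The options set this hunk extends begins and ends outside the visible lines.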