25 lines
754 B
Nix
25 lines
754 B
Nix
{ lib, config, ... }:
|
|
let
|
|
inherit (config.ssh) username;
|
|
in
|
|
{
|
|
# auto extract SSH keys
|
|
system.activationScripts.extractSshKeys = lib.stringAfter [ "etc" ] ''
|
|
HOST_KEY="/etc/ssh/ssh_host_ed25519_key.pub"
|
|
HOST_DIR="/home/${username}/nix/hosts/${config.networking.hostName}"
|
|
|
|
if [ -f "$HOST_KEY" ] && [ -d "$HOST_DIR" ]; then
|
|
cp "$HOST_KEY" "$HOST_DIR/ssh_host.pub"
|
|
chown ${username}:users "$HOST_DIR/ssh_host.pub"
|
|
chmod 644 "$HOST_DIR/ssh_host.pub"
|
|
fi
|
|
|
|
USER_KEY="/home/${username}/.ssh/id_ed25519.pub"
|
|
if [ -f "$USER_KEY" ] && [ -d "$HOST_DIR" ]; then
|
|
cp "$USER_KEY" "$HOST_DIR/ssh_user.pub"
|
|
chown ${username}:users "$HOST_DIR/ssh_user.pub"
|
|
chmod 644 "$HOST_DIR/ssh_user.pub"
|
|
fi
|
|
'';
|
|
}
|