From 003ec2813e6ec3dd3f55d025e9c554fe0f21eff3 Mon Sep 17 00:00:00 2001 From: Christopher James Hayward Date: Wed, 23 Jun 2021 14:30:05 -0400 Subject: [PATCH] Add pre-authorized SSH keys --- README.org | 13 +++++++++++++ hosts/acernitro/configuration.nix | 3 +++ hosts/homecloud/configuration.nix | 3 +++ hosts/nixos/configuration.nix | 3 +++ hosts/raspberry/configuration.nix | 3 +++ 5 files changed, 25 insertions(+) diff --git a/README.org b/README.org index 593b75d..c1714c5 100644 --- a/README.org +++ b/README.org @@ -369,6 +369,15 @@ networking.hosts = { }; #+END_SRC +Setting up new machines, especially headless ones like the Raspberry Pi Zero, can be difficult with NixOS. I find it easier to setup automatic network configuration, and wait for the machine to appear on the network. This is complimented with a pre-authorized SSH key, making it simple to connect and complete the installation headlessly. + +#+NAME: host-config-ssh +#+BEGIN_SRC nix +users.users.chris.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO4wka/LfG3pto15DIm9LIRbb6rWr7/ipCRiCdAKSlY4 chris@chrishayward.xyz" +]; +#+END_SRC + ** Default The default host, built using QEMU[fn:19], a free and open-source emulator that can perform hardware virtualization. It features a lightweight system optimized for development, running GNU/Emacs[fn:2] + EXWM[fn:20] as the graphical environment. @@ -420,6 +429,7 @@ This is a basic default configuration that specified the indended default config networking.interfaces.ens3.useDHCP = true; <> + <> programs.mtr.enable = true; programs.fish.enable = true; @@ -541,6 +551,7 @@ This configuration is nearly identical to the default, except for a few key diff <> <> + <> services.xserver.dpi = 96; services.xserver.libinput.touchpad.tapping = false; @@ -652,6 +663,7 @@ Deploy this configuration with ~sudo nixos-rebuild switch --flake /etc/dotfiles/ networking.interfaces.wlan0.useDHCP = true; <> + <> environment.systemPackages = [ pkgs.libraspberrypi @@ -774,6 +786,7 @@ Deploy this configuration with ~sudo nixos-rebuild switch --flake /etc/dotfiles/ <> <> + <> environment.systemPackages = [ pkgs.libraspberrypi diff --git a/hosts/acernitro/configuration.nix b/hosts/acernitro/configuration.nix index ff062a7..dec026b 100644 --- a/hosts/acernitro/configuration.nix +++ b/hosts/acernitro/configuration.nix @@ -26,6 +26,9 @@ # "" = [ "zero-two" ]; # "" = [ "android" ]; }; + users.users.chris.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO4wka/LfG3pto15DIm9LIRbb6rWr7/ipCRiCdAKSlY4 chris@chrishayward.xyz" + ]; services.xserver.dpi = 96; services.xserver.libinput.touchpad.tapping = false; diff --git a/hosts/homecloud/configuration.nix b/hosts/homecloud/configuration.nix index 0e39570..47bdb09 100644 --- a/hosts/homecloud/configuration.nix +++ b/hosts/homecloud/configuration.nix @@ -24,6 +24,9 @@ # "" = [ "zero-two" ]; # "" = [ "android" ]; }; + users.users.chris.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO4wka/LfG3pto15DIm9LIRbb6rWr7/ipCRiCdAKSlY4 chris@chrishayward.xyz" + ]; environment.systemPackages = [ pkgs.libraspberrypi diff --git a/hosts/nixos/configuration.nix b/hosts/nixos/configuration.nix index 512bfae..576cc9e 100644 --- a/hosts/nixos/configuration.nix +++ b/hosts/nixos/configuration.nix @@ -21,6 +21,9 @@ # "" = [ "zero-two" ]; # "" = [ "android" ]; }; + users.users.chris.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO4wka/LfG3pto15DIm9LIRbb6rWr7/ipCRiCdAKSlY4 chris@chrishayward.xyz" + ]; programs.mtr.enable = true; programs.fish.enable = true; diff --git a/hosts/raspberry/configuration.nix b/hosts/raspberry/configuration.nix index 42617e5..9292e75 100644 --- a/hosts/raspberry/configuration.nix +++ b/hosts/raspberry/configuration.nix @@ -22,6 +22,9 @@ # "" = [ "zero-two" ]; # "" = [ "android" ]; }; + users.users.chris.openssh.authorizedKeys.keys = [ + "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIO4wka/LfG3pto15DIm9LIRbb6rWr7/ipCRiCdAKSlY4 chris@chrishayward.xyz" + ]; environment.systemPackages = [ pkgs.libraspberrypi