toph/dot.nix
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add known_hosts support in SSH secrets

Browse source 
• Append known_hosts file generation using defined SSH entries
• Change knownHosts type from attribute set to list for simplicity
This commit is contained in:
Chris Toph 2025-04-23 13:52:20 -04:00
parent 37f1082010
commit ad2b8951e6
2 changed files with 5 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
home/toph/common/core/ssh.nix
View file

@ -42,6 +42,8 @@ in
chmod 400 $HOME/.ssh/config chmod 400 $HOME/.ssh/config
''; '';
}; };
".ssh/known_hosts".text = lib.concatStringsSep "\n" secretsSpec.ssh.knownHosts;
} }
# Dynamically add all SSH private keys using the existing store paths # Dynamically add all SSH private keys using the existing store paths
# Ensures the keys have correct permissions and are not symlinks # Ensures the keys have correct permissions and are not symlinks

6
modules/common/secret-spec.nix
View file

@ -42,9 +42,9 @@ in
default = { }; default = { };
}; };
knownHosts = lib.mkOption { knownHosts = lib.mkOption {
type = lib.types.attrsOf lib.types.str; type = lib.types.listOf lib.types.str;
description = "SSH known hosts entries keyed by hostname"; description = "SSH known hosts entries";
default = { }; default = [ ];
}; };
}; };
}; };