Refactor SSH known_hosts handling to use a _source, allowing local changes when needed

Chris Toph 2025-04-29 11:16:25 -04:00
parent 0416d8c3c1
commit ce6c7db198


@ -43,7 +43,13 @@ in
'';
};
".ssh/known_hosts".text = lib.concatStringsSep "\n" secretsSpec.ssh.knownHosts;
".ssh/known_hosts_source" = {
source = pkgs.writeText "known-hosts" (lib.concatStringsSep "\n" secretsSpec.ssh.knownHosts);
onChange = ''
cp $HOME/.ssh/known_hosts_source $HOME/.ssh/known_hosts
chmod 644 $HOME/.ssh/known_hosts
'';
};
}
# Dynamically add all SSH private keys using the existing store paths
# Ensures the keys have correct permissions and are not symlinks
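Review bot: The `onChange` script replaces `$HOME/.ssh/known_hosts` wholesale with `cp`, so every host key accepted locally is dropped whenever `secretsSpec.ssh.knownHosts` changes, and those hosts fall back to a first-use prompt on the next connection. Keeping the managed list read-only and letting ssh read both files, e.g. `UserKnownHostsFile ~/.ssh/known_hosts ~/.ssh/known_hosts_source` in the ssh client config, would keep the pinned keys and the local additions separate without any copy step. If the copy stays, quote the paths (`cp "$HOME/.ssh/known_hosts_source" "$HOME/.ssh/known_hosts"`) and add a comment that the writable file is no longer an authoritative pin list, since anything appended to it is trusted alongside the managed entries. The enclosing attribute set starts above the hunk, so whether an ssh client config is managed in this module is not visible from here.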