dend: cs home part

2026-03-27 23:50:55 +01:00
parent 763b460f65
commit 574e91135f
10 changed files with 517 additions and 17 deletions
--- a/modules/networking/ssh.nix
+++ b/modules/networking/ssh.nix
@@ -0,0 +1,47 @@
+{
+  flake.homeModules.ssh = {
+    config,
+    lib,
+    ...
+  }: let
+    cfg = config.hive.ssh;
+  in {
+    options.hive.ssh = {
+      keys = lib.mkOption {
+        type = lib.types.listOf (lib.types.str);
+        default = [];
+        description = ''
+          A list of SSH key names. Each one results in a id_<name> file in .ssh
+        '';
+      };
+      sopsFile = lib.mkOption {
+        type = lib.types.path;
+        default = null;
+        description = ''
+          Path to the sops file containing the SSH keys.
+          Requires a config key. And for each private key names in <keys> an keys.<name> entry.
+        '';
+      };
+    };
+
+    config = {
+      sops.secrets =
+        {
+          "ssh/config" = {
+            inherit (cfg) sopsFile;
+            key = "config";
+            path = "${config.home.homeDirectory}/.ssh/config";
+          };
+        }
+        // builtins.listToAttrs (map (name: {
+            name = "ssh/id_${name}";
+            value = {
+              inherit (cfg) sopsFile;
+              key = "keys/${name}";
+              path = "${config.home.homeDirectory}/.ssh/id_${name}";
+            };
+          })
+          cfg.keys);
+    };
+  };
+}