Jafner.net/dotfiles/modules/services/ssh.nix

{ pkgs, sys, ... }: {
  # Enable SSH server with exclusively key-based auth
  services.openssh = {
    enable = true;
    settings.PasswordAuthentication = false;
    settings.KbdInteractiveAuthentication = false;
  };
  users.users."${sys.username}".openssh.authorizedKeys.keys = let
      authorizedKeys = pkgs.fetchurl {
        url = "https://github.com/Jafner.keys";
        sha256 = "1i3Vs6mPPl965g3sRmbXGzx6zQBs5geBCgNx2zfpjF4=";
      };
    in pkgs.lib.splitString "\n" (builtins.readFile authorizedKeys);
}
Refactor flake: - Delete homeManagerConfigurations from flake. - Delete laptop nixosConfiguration. - Delete `home-manager/` and `nixos/` directories. - Switch from one general "vars" attrset for variables to using built-for-purpose attrsets for variables, each declared where it makes most sense (e.g. the "sys" attrset will be used for system-specific attributes). - Create `systems/` directory for root-level system configurations and `modules/` directory for re-usable config files. - Consolidate most app and system configuration into the `desktop-environment.nix` and `terminal-environment.nix` files. - Standardize all `.nix` files to nixos config nodes, as opposed to home-manager. May reverse this decision. - Use `${sys.username}` for the username of the primary user of the system. - Use `${usr.${sys.username}}` for attributes related to that user (e.g. realname, email). 2025-01-08 12:04:28 -08:00			`{ pkgs, sys, ... }: {`
			`# Enable SSH server with exclusively key-based auth`
			`services.openssh = {`
			`enable = true;`
			`settings.PasswordAuthentication = false;`
			`settings.KbdInteractiveAuthentication = false;`
			`};`
			`users.users."${sys.username}".openssh.authorizedKeys.keys = let`
			`authorizedKeys = pkgs.fetchurl {`
			`url = "https://github.com/Jafner.keys";`
			`sha256 = "1i3Vs6mPPl965g3sRmbXGzx6zQBs5geBCgNx2zfpjF4=";`
			`};`
			`in pkgs.lib.splitString "\n" (builtins.readFile authorizedKeys);`
			`}`