Squash bugs and make aspi config work

2025-04-23 09:59:02 +02:00
parent 532bbe8675
commit 7db055ca27
27 changed files with 163 additions and 152 deletions
--- a/hosts/common/optional/openssh.nix
+++ b/hosts/common/optional/openssh.nix
@ -0,0 +1,52 @@
+{
+  outputs,
+  lib,
+  config,
+  ...
+}:
+let
+  hosts = lib.attrNames outputs.nixosConfigurations;
+in
+{
+  services.openssh = {
+    enable = true;
+    settings = {
+      # Harden
+      PasswordAuthentication = false;
+      PermitRootLogin = "no";
+
+      # TODO: what does this d
+      # Let WAYLAND_DISPLAY be forwarded
+      AcceptEnv = "WAYLAND_DISPLAY";
+      X11Forwarding = true;
+    };
+
+    hostKeys = [
+      {
+        path = "/etc/ssh/ssh_host_ed25519_key";
+        type = "ed25519";
+      }
+    ];
+  };
+
+  # TODO: is automatic known hosts file even necessary?
+  # programs.ssh = {
+  #   # Each hosts public key
+  #   knownHosts = lib.genAttrs hosts (hostname: {
+  #     publicKeyFile = ../../${hostname}/ssh_host_ed25519_key.pub;
+  #     extraHostNames =
+  #       [
+  #         "${hostname}.m7.rs"
+  #       ]
+  #       ++
+  #         # Alias for localhost if it's the same host
+  #         (lib.optional (hostname == config.networking.hostName) "localhost")
+  #       # Alias to m7.rs and git.m7.rs if it's alcyone
+  #       ++ (lib.optionals (hostname == "alcyone") [
+  #         "m7.rs"
+  #         "git.m7.rs"
+  #       ]);
+  #   });
+  # };
+
+}
--- a/hosts/common/optional/quietboot.nix
+++ b/hosts/common/optional/quietboot.nix
@ -1,32 +0,0 @@
-{
-  pkgs,
-  config,
-  ...
-}:
-{
-  console = {
-    useXkbConfig = true;
-    earlySetup = false;
-  };
-
-  boot = {
-    plymouth = {
-      enable = true;
-      theme = "spinner-monochrome";
-      themePackages = [
-        (pkgs.plymouth-spinner-monochrome.override { inherit (config.boot.plymouth) logo; })
-      ];
-    };
-    loader.timeout = 0;
-    kernelParams = [
-      "quiet"
-      "loglevel=3"
-      "systemd.show_status=auto"
-      "udev.log_level=3"
-      "rd.udev.log_level=3"
-      "vt.global_cursor_default=0"
-    ];
-    consoleLogLevel = 0;
-    initrd.verbose = false;
-  };
-}
--- a/hosts/common/optional/xdg-portal.nix
+++ b/hosts/common/optional/xdg-portal.nix
@ -1,6 +1,4 @@
 {
-  config,
-  lib,
  pkgs,
  ...
 }: