From 22f598ec503331df2b69399e48c43cbc43050227 Mon Sep 17 00:00:00 2001 From: fwastring Date: Thu, 11 Sep 2025 14:45:41 +0200 Subject: [PATCH] Added wastring.com --- keys/desktop_rsa_pubkey | 2 +- maskiner/desktop/configuration.nix | 1 + maskiner/jobb/configuration.nix | 10 ++++++++++ moduler/ssh.nix | 7 ------- moduler/vaultwarden.nix | 13 ++++++++----- moduler/wastring.nix | 21 +++++++++++++++++++++ 6 files changed, 41 insertions(+), 13 deletions(-) create mode 100644 moduler/wastring.nix diff --git a/keys/desktop_rsa_pubkey b/keys/desktop_rsa_pubkey index 605c113..2385f33 100644 --- a/keys/desktop_rsa_pubkey +++ b/keys/desktop_rsa_pubkey @@ -1 +1 @@ -AAAAB3NzaC1yc2EAAAADAQABAAACAQDhzOL/NsSlwUkgo6TVQfffHw4ysJU/+XMUNKyab1RCAhCEw74k7s7sCckW0KuZy05ZtINuyGK3dnajVO+FnyfjVRtqR7WOpJqlp917Q13ODgUReJeYSILtGR5mFnSAXUr+mp2xdFx+TJqoCxdzEm2E0VRBZYugYYwbM1LL5gBKGi7OJg+JYwuexRGAzFST68UAU8QME9Z3nLpBl4PnVdatmYxq4TXrHzvj6OeyxohzpbxCMbymqa+lb1C0MCUB8tRDub6+GRhLYhUh2WpYTCgAUc4BCZONLn/ZLn6+kAn1C0Vu8pKvwgviIVXpffq+pNTufE9RMPQ1gt+IWbk4vNsBIYj3ubn+BB+BfD7oQMUwXPktM7qh9AHz0nrA9l6x9aix8SfeMZ/ZewP/CXwQ/hk9Tozu1wVXy6BFSvz43P3o7BUcrQg5LjyU++YfWyzLMtw4btMzEJV1Nt7zDJvDAbepoNSQbIcKUFa1QDH4mQ9apszb3iJGmEWCOv2SjPZ3+6+op6TmT80FTttg7GVQ33l+bA1N46b8gy1wIBWEHZNh8ZH5tcSxM6u0iDuwNpsSUIPXRyJD/2Dv7uK1JP45aW0NxxsILLwuJtxvi08MrCvYyIT9J61qRmy5UGaOkI1qGCIOg2lJXv3t5E52KMA7leXIacfN/8Orm0kEdw4eY5ezPw== +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDhzOL/NsSlwUkgo6TVQfffHw4ysJU/+XMUNKyab1RCAhCEw74k7s7sCckW0KuZy05ZtINuyGK3dnajVO+FnyfjVRtqR7WOpJqlp917Q13ODgUReJeYSILtGR5mFnSAXUr+mp2xdFx+TJqoCxdzEm2E0VRBZYugYYwbM1LL5gBKGi7OJg+JYwuexRGAzFST68UAU8QME9Z3nLpBl4PnVdatmYxq4TXrHzvj6OeyxohzpbxCMbymqa+lb1C0MCUB8tRDub6+GRhLYhUh2WpYTCgAUc4BCZONLn/ZLn6+kAn1C0Vu8pKvwgviIVXpffq+pNTufE9RMPQ1gt+IWbk4vNsBIYj3ubn+BB+BfD7oQMUwXPktM7qh9AHz0nrA9l6x9aix8SfeMZ/ZewP/CXwQ/hk9Tozu1wVXy6BFSvz43P3o7BUcrQg5LjyU++YfWyzLMtw4btMzEJV1Nt7zDJvDAbepoNSQbIcKUFa1QDH4mQ9apszb3iJGmEWCOv2SjPZ3+6+op6TmT80FTttg7GVQ33l+bA1N46b8gy1wIBWEHZNh8ZH5tcSxM6u0iDuwNpsSUIPXRyJD/2Dv7uK1JP45aW0NxxsILLwuJtxvi08MrCvYyIT9J61qRmy5UGaOkI1qGCIOg2lJXv3t5E52KMA7leXIacfN/8Orm0kEdw4eY5ezPw== diff --git a/maskiner/desktop/configuration.nix b/maskiner/desktop/configuration.nix index 83689b0..07fe513 100644 --- a/maskiner/desktop/configuration.nix +++ b/maskiner/desktop/configuration.nix @@ -19,6 +19,7 @@ #../../moduler/nginx.nix #../../moduler/k3s.nix ../../moduler/vaultwarden.nix + ../../moduler/wastring.nix #../../moduler/lsp.nix ]; diff --git a/maskiner/jobb/configuration.nix b/maskiner/jobb/configuration.nix index 7d3f3a2..3898076 100644 --- a/maskiner/jobb/configuration.nix +++ b/maskiner/jobb/configuration.nix @@ -33,6 +33,16 @@ in base16Scheme = "${pkgs.base16-schemes}/share/themes/catppuccin-latte.yaml"; }; + programs.ssh.knownHosts = { + desktop = { + extraHostNames = [ "192.168.1.227" ]; + publicKeyFile = ../../keys/desktop_rsa_pubkey; + }; + "192.168.1.227" = { + publicKeyFile = ../../keys/desktop_rsa_pubkey; + }; + }; + home-manager.extraSpecialArgs = { inherit inputs pkgs; }; home-manager.users.fw = { imports = [ diff --git a/moduler/ssh.nix b/moduler/ssh.nix index 4955ec1..bb04c0e 100644 --- a/moduler/ssh.nix +++ b/moduler/ssh.nix @@ -2,13 +2,6 @@ { programs.ssh = { enable = true; - knownHosts = { - desktop = { - extraHostNames = [ "192.168.1.227" ]; - publicKeyFile = ./pubkeys/myhost_ssh_host_dsa_key.pub; - }; - } - ; matchBlocks = { "lth" = { hostname = "login.student.lth.se"; diff --git a/moduler/vaultwarden.nix b/moduler/vaultwarden.nix index eeeb165..158df48 100644 --- a/moduler/vaultwarden.nix +++ b/moduler/vaultwarden.nix @@ -3,17 +3,20 @@ }: { - networking.firewall = { - allowedTCPPorts = [ 80 443 ]; - }; + networking.firewall = { + allowedTCPPorts = [ + 80 + 443 + ]; + }; security.acme = { acceptTerms = true; defaults.email = "fredrik@wastring.com"; certs."pass.wastring.com" = { dnsProvider = "gandiv5"; webroot = null; - credentialsFile = /run/secrets/gandi_key; - dnsPropagationCheck = true; + credentialsFile = /run/secrets/gandi_key; + dnsPropagationCheck = true; }; }; services.nginx = { diff --git a/moduler/wastring.nix b/moduler/wastring.nix new file mode 100644 index 0000000..9a99fbf --- /dev/null +++ b/moduler/wastring.nix @@ -0,0 +1,21 @@ +{ config, inputs, pkgs, ... }: + +let +in +{ + security.acme = { + certs."wastring.com" = { + dnsProvider = "gandiv5"; + webroot = null; + credentialsFile = /run/secrets/gandi_key; + dnsPropagationCheck = true; + }; + }; + services.nginx = { + virtualHosts."wastring.com" = { + enableACME = true; + forceSSL = true; + root = "/var/www/wastring.com"; + }; + }; +}