titaniumtown/server-config
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: titaniumtown:8e32b739859dd1046f813b455e958793f47f6171
Branches Tags
titaniumtown:main
..
compare: titaniumtown:56fe61011aee41da012e4ec202ba6f4787cf7dd9
Branches Tags
titaniumtown:main

2 Commits
8e32b73985 ... 56fe61011a

Author SHA1 Message Date
Simon Gardling
56fe61011a impermanence: fix persistant ssh host keys 2026-01-13 13:10:19 -05:00
Simon Gardling
528782ae32 update 2026-01-13 12:39:29 -05:00
2 changed files with 32 additions and 24 deletions
Expand all files Collapse all files

36
flake.lock generated
View File

@@ -27,11 +27,11 @@
},
"crane": {
"locked": {
"lastModified": 1767461147,
"narHash": "sha256-TH/xTeq/RI+DOzo+c+4F431eVuBpYVwQwBxzURe7kcI=",
"lastModified": 1767744144,
"narHash": "sha256-9/9ntI0D+HbN4G0TrK3KmHbTvwgswz7p8IEJsWyef8Q=",
"owner": "ipetkov",
"repo": "crane",
"rev": "7d59256814085fd9666a2ae3e774dc5ee216b630",
"rev": "2fb033290bf6b23f226d4c8b32f7f7a16b043d7e",
"type": "github"
},
"original": {
@@ -259,11 +259,11 @@
"rust-overlay": "rust-overlay"
},
"locked": {
"lastModified": 1768208826,
"narHash": "sha256-HWnVcDDuBCHUDoDpNADw1LybfF4jKofGAynV4HDRRrg=",
"lastModified": 1768307256,
"narHash": "sha256-3yDvlAqWa0Vk3B9hFRJJrSs1xc+FwVQFLtu//VrTR4c=",
"owner": "nix-community",
"repo": "lanzaboote",
"rev": "ba5f08218d4f14bf1baeeb69eaadb7a2f2d995af",
"rev": "7e031eb535a494582f4fc58735b5aecba7b57058",
"type": "github"
},
"original": {
@@ -328,11 +328,11 @@
},
"nixpkgs_2": {
"locked": {
"lastModified": 1768028080,
"narHash": "sha256-50aDK+8eLvsLK39TzQhKNq50/HcXyP4hyxOYoPoVxjo=",
"lastModified": 1768242861,
"narHash": "sha256-F4IIxa5xDHjtrmMcayM8lHctUq1oGltfBQu2+oqDWP4=",
"owner": "NixOS",
"repo": "nixpkgs",
"rev": "d03088749a110d52a4739348f39a63f84bb0be14",
"rev": "1327e798cb055f96f92685df444e9a2c326ab5ed",
"type": "github"
},
"original": {
@@ -408,11 +408,11 @@
]
},
"locked": {
"lastModified": 1767495280,
"narHash": "sha256-hEEgtE/RSRigw8xscchGymf/t1nluZwTfru4QF6O1CQ=",
"lastModified": 1768272338,
"narHash": "sha256-Tg/kL8eKMpZtceDvBDQYU8zowgpr7ucFRnpP/AtfuRM=",
"owner": "oxalica",
"repo": "rust-overlay",
"rev": "cb24c5cc207ba8e9a4ce245eedd2d37c3a988bc1",
"rev": "03dda130a8701b08b0347fcaf850a190c53a3c1e",
"type": "github"
},
"original": {
@@ -445,11 +445,11 @@
"senior_project-website": {
"flake": false,
"locked": {
"lastModified": 1764604089,
"narHash": "sha256-n1Dw2o5I0h+8hroIrkyqZWAK6usAQg3zdOVDhjLA4DY=",
"lastModified": 1768253064,
"narHash": "sha256-Lp3k2BhOWo7bYRcGuV0ltgVYr+0+1QCcpuB7kK4pvOE=",
"owner": "Titaniumtown",
"repo": "senior-project-website",
"rev": "d11badd0f8fe24a37e81439f60eb9c1ce3eb2c22",
"rev": "f86a1c80c58d1c292b4673e28e892de13fb78a25",
"type": "github"
},
"original": {
@@ -541,11 +541,11 @@
"trackerlist": {
"flake": false,
"locked": {
"lastModified": 1768172918,
"narHash": "sha256-31ob5YhAem7ORlwEIo7VviS7wUKrwCv8loHqcdQigiA=",
"lastModified": 1768259319,
"narHash": "sha256-kB+XRKahig2LTD14ypfYbR1QsOel6E35lIxLENleV/E=",
"owner": "ngosang",
"repo": "trackerslist",
"rev": "bb1a0aebaa6db1133b66f5b55278cc76cfda98cc",
"rev": "3f5537d696a42c5a4a97dc9c7abf0a82fcce40eb",
"type": "github"
},
"original": {

20
modules/impermanence.nix
View File

@@ -23,12 +23,6 @@
];
files = [
# SSH host keys
"/etc/ssh/ssh_host_ed25519_key"
"/etc/ssh/ssh_host_ed25519_key.pub"
"/etc/ssh/ssh_host_rsa_key"
"/etc/ssh/ssh_host_rsa_key.pub"
# Machine ID
"/etc/machine-id"
@@ -49,6 +43,20 @@
};
};
# Store SSH host keys directly in /persistent to survive tmpfs root wipes.
# This is more reliable than bind mounts for service-generated files.
services.openssh.hostKeys = [
{
path = "/persistent/etc/ssh/ssh_host_ed25519_key";
type = "ed25519";
}
{
path = "/persistent/etc/ssh/ssh_host_rsa_key";
type = "rsa";
bits = 4096;
}
];
systemd.tmpfiles.rules = [
"d /etc 755 root"
];