Configured remote deployments

Also includes some misc fixes for bugs I ran into along the way.
2023-04-16 10:07:42 -07:00 · 2023-04-16 10:07:42 -07:00 · 58efac7f13
commit 58efac7f13
parent 7d8328b880
9 changed files with 107 additions and 32 deletions
--- a/modules/nix/default.nix
+++ b/modules/nix/default.nix
@ -7,7 +7,7 @@
 }:
 with lib; let
  cfg = config.aa.nix;
-  selfHostedCacheHost = "192.168.113.69";
+  selfHostedCacheHost = "http://192.168.113.69/";
 in {
  options.aa.nix = with types; {
    enable = mkEnableOption "manage nix configuration.";
@ -41,7 +41,7 @@ in {
          if cfg.useSelfhostedCache
          then [
            selfHostedCacheHost
-            "https://cache.nixos.org"
+            "https://cache.nixos.org/"
          ]
          else [];
        trusted-public-keys =
--- a/modules/services/nix-serve/default.nix
+++ b/modules/services/nix-serve/default.nix
@ -22,6 +22,8 @@ in {
  };

  config = mkIf cfg.enable {
+    nix.settings.allowed-users = ["nix-serve"];
+
    services = {
      nix-serve = {
        enable = true;
--- a/modules/services/openssh/default.nix
+++ b/modules/services/openssh/default.nix
@ -21,22 +21,23 @@ in {
      default = [default-key];
      description = "The public keys to authorize";
    };
+  };

-    config = mkIf config.enable {
-      services.openssh = {
-        enable = true;
-        settings = {
-          PasswordAuthentication = false;
-          PermitRootLogin =
-            if format == "install-iso"
-            then true
-            else false;
-        };
+  config = mkIf cfg.enable {
+    services.openssh = {
+      enable = true;
+      settings = {
+        PasswordAuthentication = false;
+        PermitRootLogin = mkDefault (
+          if format == "install-iso"
+          then "yes"
+          else "no"
+        );
      };
+    };

-      aa.home.extraOptions = {
-        programs.openssh.authorizedKeys.keys = cfg.authorizedKeys;
-      };
+    aa.user.extraOptions = {
+      openssh.authorizedKeys.keys = cfg.authorizedKeys;
    };
  };
 }
--- a/modules/suites/utils/default.nix
+++ b/modules/suites/utils/default.nix
@ -14,13 +14,16 @@ in {

  config = mkIf cfg.enable {
    environment.systemPackages = with pkgs; [
+      alejandra
      bat
      curl
+      deploy-rs
      fd
      file
      htop
      jq
      killall
+      pre-commit
      ripgrep
      usbutils
      wget
--- a/modules/tools/gpg/default.nix
+++ b/modules/tools/gpg/default.nix
@ -6,7 +6,7 @@
  ...
 }:
 with lib; let
-  cfg = config.aa.tools.git;
+  cfg = config.aa.tools.gpg;
  user = config.aa.user;
 in {
  options.aa.tools.gpg = with types; {
--- a/modules/user/default.nix
+++ b/modules/user/default.nix
@ -32,7 +32,7 @@ in {
    extraOptions = mkOption {
      type = attrs;
      default = {};
-      description = "Extra options passed to <option>users.user.<name></option>.";
+      description = "Extra options passed to <option>users.users.<name></option>.";
    };
  };