users/max: remove PKCS11 and GSSAPI stuff
This commit is contained in:
parent
18596425db
commit
0d7eeec14a
5 changed files with 4 additions and 13 deletions
|
|
@ -1,5 +1,5 @@
|
|||
let
|
||||
max = (import ../users/max/userinfo.nix null).sshKeys;
|
||||
max = (import ../users/max/userinfo.nix).sshKeys;
|
||||
hosts = import ../hosts;
|
||||
systemKeys = x: x.ssh.id.publicKey or null;
|
||||
in with hosts;
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
systemProfile: { pkgs, lib, config, inputs, ... }:
|
||||
let meta = import ./userinfo.nix pkgs;
|
||||
let meta = import ./userinfo.nix;
|
||||
in ({
|
||||
age.secrets.shadow-max.file = ../../secrets/shadow-max.age;
|
||||
users.extraGroups.${meta.userName}.gid = 1000;
|
||||
|
|
|
|||
|
|
@ -9,7 +9,7 @@ let
|
|||
# get past module system args magic
|
||||
systemProfile = if args ? systemProfile then args.systemProfile else "headless";
|
||||
|
||||
meta = if args ? meta then args.meta else import ./userinfo.nix pkgs;
|
||||
meta = if args ? meta then args.meta else import ./userinfo.nix;
|
||||
|
||||
isNixos = args ? isNixos;
|
||||
|
||||
|
|
|
|||
|
|
@ -4,7 +4,6 @@ let
|
|||
user = "git";
|
||||
extraOptions = {
|
||||
CanonicalizeHostname = "no";
|
||||
IdentityFile = ''"pkcs11:token=${meta.userName}"'';
|
||||
};
|
||||
};
|
||||
labHost = {
|
||||
|
|
@ -17,9 +16,6 @@ let
|
|||
VerifyHostKeyDNS = "no";
|
||||
};
|
||||
};
|
||||
vegasProxy = {
|
||||
proxyJump = "vegas.backbone.${meta.orgDomain}";
|
||||
};
|
||||
};
|
||||
equip = host: cfgSet: cfgSet // { inherit host; };
|
||||
in {
|
||||
|
|
@ -35,10 +31,7 @@ in {
|
|||
extraOptionOverrides = {
|
||||
ExitOnForwardFailure = "yes";
|
||||
TCPKeepAlive = "no";
|
||||
GSSAPIAuthentication = "yes";
|
||||
GSSAPIDelegateCredentials = "yes";
|
||||
VerifyHostKeyDNS = "yes";
|
||||
PKCS11Provider = builtins.elemAt meta.security.pkcs11Providers 0;
|
||||
CanonicalDomains = builtins.concatStringsSep " "
|
||||
((map (sub: "${sub}.${meta.orgDomain}") [
|
||||
"backbone"
|
||||
|
|
|
|||
|
|
@ -1,11 +1,9 @@
|
|||
pkgs: rec {
|
||||
rec {
|
||||
firstName = "Max";
|
||||
lastName = "Headroom";
|
||||
userName = "max";
|
||||
orgDomain = "privatevoid.net";
|
||||
|
||||
security = { pkcs11Providers = [ "${pkgs.opensc}/lib/opensc-pkcs11.so" ]; };
|
||||
|
||||
sshKeys = [
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIL5C7mC5S2gM0K6x0L/jNwAeQYbFSzs16Q73lONUlIkL max@TITAN"
|
||||
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMmdWfmAs/0rno8zJlhBFMY2SumnHbTNdZUXJqxgd9ON max@jericho"
|
||||
|
|
|
|||
Loading…
Reference in a new issue