about summary refs log tree commit diff
diff options
context:
space:
mode:
authorAspen Smith <root@gws.fyi>2024-03-31T17·45-0400
committerclbot <clbot@tvl.fyi>2024-03-31T17·49+0000
commitd5acb178b2f2fa23215a091a135f94efa631514d (patch)
tree43de83642e7b66fd4edc9f6b6331c95fd32ea9d9
parent5b43bd705aa75ea4b9877176056eaa6bafa49303 (diff)
feat(aspen/system): Always authorize my main ssh key r/7808
Change-Id: I42fc3887a0eb95404de29efba98dc26cb3f21aed
Reviewed-on: https://cl.tvl.fyi/c/depot/+/11297
Autosubmit: aspen <root@gws.fyi>
Tested-by: BuildkiteCI
Reviewed-by: aspen <root@gws.fyi>
-rw-r--r--users/aspen/system/system/machines/roswell.nix4
-rw-r--r--users/aspen/system/system/modules/common.nix8
2 files changed, 7 insertions, 5 deletions
diff --git a/users/aspen/system/system/machines/roswell.nix b/users/aspen/system/system/machines/roswell.nix
index e7529542a80d..da62eec93ec6 100644
--- a/users/aspen/system/system/machines/roswell.nix
+++ b/users/aspen/system/system/machines/roswell.nix
@@ -12,10 +12,6 @@
 
   networking.hostName = "roswell";
 
-  users.users.grfn.openssh.authorizedKeys.keys = [
-    depot.users.aspen.keys.main
-  ];
-
   boot.loader.systemd-boot.enable = lib.mkForce false;
   boot.loader.efi.canTouchEfiVariables = lib.mkForce false;
 
diff --git a/users/aspen/system/system/modules/common.nix b/users/aspen/system/system/modules/common.nix
index 4ed1f8d7b196..17140317f5b3 100644
--- a/users/aspen/system/system/modules/common.nix
+++ b/users/aspen/system/system/modules/common.nix
@@ -44,7 +44,13 @@ with lib;
   documentation.dev.enable = true;
   documentation.man.generateCaches = true;
 
-  services.openssh.enable = true;
+  services.openssh = {
+    enable = true;
+    settings = { X11Forwarding = true; };
+  };
+
+  users.users.grfn.openssh.authorizedKeys.keys =
+    [ depot.users.aspen.keys.main ];
 
   programs.ssh.startAgent = true;