feat(ops/machines): Add a module for known SSH keys r/3844

Change-Id: I443e479f3edf9c6540de7b5a33bc6f7e2a9c5183 Reviewed-on: https://cl.tvl.fyi/c/depot/+/5305 Tested-by: BuildkiteCI Reviewed-by: sterni <sternenseemann@systemli.org> Autosubmit: tazjin <tazjin@tvl.su>
author: Vincent Ambo <mail@tazj.in> 2022-02-17T16·20+0300
committer: tazjin <tazjin@tvl.su> 2022-02-18T08·22+0000
commit: 95780174e173f59b27d4f1f4e6628262f105477a (patch)
tree: 59392a3dd1d54148bb00710df65751b81ef35c36 /ops/modules
parent: b936843bb0464d95d0afbfbf7b9656d80a7464a7 (diff)
1 files changed, 21 insertions, 0 deletions
diff --git a/ops/modules/known-hosts.nix b/ops/modules/known-hosts.nix
new file mode 100644
index 000000000000..ef24d61c5767
--- /dev/null
+++ b/ops/modules/known-hosts.nix
@@ -0,0 +1,21 @@
+# Configure public keys for SSH hosts known to TVL.
+{ ... }:
+
+{
+  programs.ssh.knownHosts = {
+    whitby = {
+      hostNames = [ "whitby.tvl.fyi" "whitby.tvl.su" ];
+      publicKey = "whitby.tvl.fyi ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILNh/w4BSKov0jdz3gKBc98tpoLta5bb87fQXWBhAl2I";
+    };
+
+    sanduny = {
+      hostNames = [ "sanduny.tvl.su" ];
+      publicKey = "sanduny.tvl.su ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOag0XhylaTVhmT6HB8EN2Fv5Ymrc4ZfypOXONUkykTX";
+    };
+
+    github = {
+      hostNames = [ "github.com" ];
+      publicKey = "github.com ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOMqqnkVzrm0SdG6UOoqKLsabgH5C9okWi0dh2l9GKJl";
+    };
+  };
+}
author	Vincent Ambo <mail@tazj.in>	2022-02-17T16·20+0300
committer	tazjin <tazjin@tvl.su>	2022-02-18T08·22+0000
commit	95780174e173f59b27d4f1f4e6628262f105477a (patch)
tree	59392a3dd1d54148bb00710df65751b81ef35c36 /ops/modules
parent	b936843bb0464d95d0afbfbf7b9656d80a7464a7 (diff)