feat: basic nix config structure
This commit is contained in:
parent
2987d84e27
commit
b9a581c63f
64
common/common/default.nix
Normal file
64
common/common/default.nix
Normal file
@ -0,0 +1,64 @@
|
|||||||
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports =
|
||||||
|
[ #
|
||||||
|
];
|
||||||
|
|
||||||
|
# Set your time zone.
|
||||||
|
time.timeZone = "Europe/Berlin";
|
||||||
|
networking.useDHCP = false;
|
||||||
|
networking.firewall.allowedTCPPorts = [ 19999 ];
|
||||||
|
services.netdata.enable = true;
|
||||||
|
|
||||||
|
# Select internationalisation properties.
|
||||||
|
i18n.defaultLocale = "en_US.UTF-8";
|
||||||
|
console = {
|
||||||
|
font = "Lat2-Terminus16";
|
||||||
|
keyMap = "de-latin1";
|
||||||
|
};
|
||||||
|
|
||||||
|
programs.zsh = {
|
||||||
|
enable = true;
|
||||||
|
histSize = 10000;
|
||||||
|
autosuggestions.enable = true;
|
||||||
|
enableBashCompletion = true;
|
||||||
|
syntaxHighlighting.enable = true;
|
||||||
|
promptInit = ''
|
||||||
|
source ~/.zkbd/$TERM-''${''${DISPLAY:t}:-''$VENDOR-''$OSTYPE}
|
||||||
|
[[ -n ''${key[Left]} ]] && bindkey "''${key[Left]}" backward-char
|
||||||
|
[[ -n ''${key[Right]} ]] && bindkey "''${key[Right]}" forward-char
|
||||||
|
bindkey "''${key[Up]}" up-line-or-search
|
||||||
|
bindkey "''${key[Home]}" beginning-of-line
|
||||||
|
bindkey "''${key[End]}" end-of-line
|
||||||
|
bindkey "''${key[Delete]}" delete-char
|
||||||
|
function command_not_found_handler() { command-not-found $1 }
|
||||||
|
alias cat='bat'
|
||||||
|
eval "$(direnv hook zsh)"
|
||||||
|
eval "$(starship init zsh)"
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
programs.starship.enable = true;
|
||||||
|
|
||||||
|
programs.mtr.enable = true;
|
||||||
|
nix.settings = {
|
||||||
|
trusted-users = [ "@wheel" ];
|
||||||
|
auto-optimise-store = true;
|
||||||
|
};
|
||||||
|
nix.gc = {
|
||||||
|
automatic = true;
|
||||||
|
dates = "weekly";
|
||||||
|
options = "--delete-older-than 14d";
|
||||||
|
};
|
||||||
|
nix.extraOptions = ''
|
||||||
|
min-free = ${toString (100 * 1024 * 1024)}
|
||||||
|
max-free = ${toString (1024 * 1024 * 1024)}
|
||||||
|
'';
|
||||||
|
|
||||||
|
services.openssh = {
|
||||||
|
enable = true;
|
||||||
|
passwordAuthentication = false;
|
||||||
|
kbdInteractiveAuthentication = false;
|
||||||
|
permitRootLogin = "yes";
|
||||||
|
};
|
||||||
|
}
|
25
flake.nix
Normal file
25
flake.nix
Normal file
@ -0,0 +1,25 @@
|
|||||||
|
{
|
||||||
|
inputs = {
|
||||||
|
nixpkgs.url = "github:NixOS/nixpkgs/nixos-unstable";
|
||||||
|
};
|
||||||
|
outputs = { nixpkgs, ... }: {
|
||||||
|
colmena = {
|
||||||
|
|
||||||
|
meta = {
|
||||||
|
nixpkgs = import nixpkgs {
|
||||||
|
system = "x86_64-linux";
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
pre-router = { config, pkgs, ... }:{
|
||||||
|
imports = [./hosts/pre-router/configuration.nix];
|
||||||
|
deployment.targetHost = "lightbuffet.entr0py.cloud";
|
||||||
|
deployment.keys = {
|
||||||
|
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
117
hosts/pre-router/configuration.nix
Normal file
117
hosts/pre-router/configuration.nix
Normal file
@ -0,0 +1,117 @@
|
|||||||
|
{ config, pkgs, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports =
|
||||||
|
[ # Include the results of the hardware scan.
|
||||||
|
./hardware-configuration.nix
|
||||||
|
./router.nix
|
||||||
|
./dhcp.nix
|
||||||
|
./dns.nix
|
||||||
|
./ipv6.nix
|
||||||
|
./nginx.nix
|
||||||
|
];
|
||||||
|
|
||||||
|
# Use the systemd-boot EFI boot loader.
|
||||||
|
boot.loader.systemd-boot.enable = true;
|
||||||
|
boot.loader.efi.canTouchEfiVariables = true;
|
||||||
|
|
||||||
|
networking.hostName = "pre-router"; # Define your hostname.
|
||||||
|
|
||||||
|
# Set your time zone.
|
||||||
|
time.timeZone = "Europe/Berlin";
|
||||||
|
|
||||||
|
# The global useDHCP flag is deprecated, therefore explicitly set to false here.
|
||||||
|
# Per-interface useDHCP will be mandatory in the future, so this generated config
|
||||||
|
# replicates the default behaviour.
|
||||||
|
networking.useDHCP = false;
|
||||||
|
#networking.interfaces.ens18.useDHCP = false;
|
||||||
|
#networking.interfaces.ens19.useDHCP = false;
|
||||||
|
networking.firewall.allowedTCPPorts = [ 19999 ];
|
||||||
|
services.netdata.enable = true;
|
||||||
|
|
||||||
|
# Select internationalisation properties.
|
||||||
|
i18n.defaultLocale = "en_US.UTF-8";
|
||||||
|
console = {
|
||||||
|
font = "Lat2-Terminus16";
|
||||||
|
keyMap = "de-latin1";
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
users.users.garionion = {
|
||||||
|
isNormalUser = true;
|
||||||
|
shell = pkgs.zsh;
|
||||||
|
packages = with pkgs; [
|
||||||
|
wget vim screen mtr iperf
|
||||||
|
htop dstat dnsutils nettools tcpdump
|
||||||
|
git bat starship direnv
|
||||||
|
];
|
||||||
|
hashedPassword = "$6$NMzXsfARs2HVA4iq$55uxWCANME/HsjIg9HmZyxqGwlr7RpJfCcMad2OhbmUiHhdnOh/v9TDwT3Vt0mu9HE37Fh3b1g2yyEa3Dxxg80";
|
||||||
|
extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
|
||||||
|
openssh.authorizedKeys.keys = ["ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAGw3Yuee8oSXSEqmoMzrqQrUizKV9sJbJMxAUC01wxvbxevAqFEpiGrznnu3K0HN3sfKItjqGkNDPDQ+mIlQwdwJAE0GyJIx9CMvo1RPugKSJ5rFh/vEgJTNMPaeYUb/L2rn3WEZHrZI5wwf+z4ljSHCVetAnaMKjk/+QQWgBHdvNImmA== gari@darwin"];
|
||||||
|
};
|
||||||
|
programs.zsh = {
|
||||||
|
enable = true;
|
||||||
|
histSize = 10000;
|
||||||
|
autosuggestions.enable = true;
|
||||||
|
enableBashCompletion = true;
|
||||||
|
syntaxHighlighting.enable = true;
|
||||||
|
promptInit = ''
|
||||||
|
source ~/.zkbd/$TERM-''${''${DISPLAY:t}:-''$VENDOR-''$OSTYPE}
|
||||||
|
[[ -n ''${key[Left]} ]] && bindkey "''${key[Left]}" backward-char
|
||||||
|
[[ -n ''${key[Right]} ]] && bindkey "''${key[Right]}" forward-char
|
||||||
|
bindkey "''${key[Up]}" up-line-or-search
|
||||||
|
bindkey "''${key[Home]}" beginning-of-line
|
||||||
|
bindkey "''${key[End]}" end-of-line
|
||||||
|
bindkey "''${key[Delete]}" delete-char
|
||||||
|
function command_not_found_handler() { command-not-found $1 }
|
||||||
|
alias cat='bat'
|
||||||
|
eval "$(direnv hook zsh)"
|
||||||
|
eval "$(starship init zsh)"
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
programs.starship = {
|
||||||
|
enable = true;
|
||||||
|
settings = {
|
||||||
|
# add_newline = false;
|
||||||
|
# character = {
|
||||||
|
# success_symbol = "[➜](bold green)";
|
||||||
|
# error_symbol = "[➜](bold red)";
|
||||||
|
# };
|
||||||
|
# package.disabled = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
programs.mtr.enable = true;
|
||||||
|
nix.settings = {
|
||||||
|
trusted-users = [ "@wheel" ];
|
||||||
|
auto-optimise-store = true;
|
||||||
|
};
|
||||||
|
nix.gc = {
|
||||||
|
automatic = true;
|
||||||
|
dates = "weekly";
|
||||||
|
options = "--delete-older-than 14d";
|
||||||
|
};
|
||||||
|
nix.extraOptions = ''
|
||||||
|
min-free = ${toString (100 * 1024 * 1024)}
|
||||||
|
max-free = ${toString (1024 * 1024 * 1024)}
|
||||||
|
'';
|
||||||
|
|
||||||
|
# List services that you want to enable:
|
||||||
|
|
||||||
|
services.openssh = {
|
||||||
|
enable = true;
|
||||||
|
passwordAuthentication = false;
|
||||||
|
kbdInteractiveAuthentication = false;
|
||||||
|
permitRootLogin = "yes";
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
# This value determines the NixOS release from which the default
|
||||||
|
# settings for stateful data, like file locations and database versions
|
||||||
|
# on your system were taken. It‘s perfectly fine and recommended to leave
|
||||||
|
# this value at the release version of the first install of this system.
|
||||||
|
# Before changing this value read the documentation for this option
|
||||||
|
# (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
|
||||||
|
system.stateVersion = "21.11"; # Did you read the comment?
|
||||||
|
|
||||||
|
}
|
13
hosts/pre-router/coredns-unbound.patch
Normal file
13
hosts/pre-router/coredns-unbound.patch
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
Index: plugin.cfg
|
||||||
|
IDEA additional info:
|
||||||
|
Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP
|
||||||
|
<+>UTF-8
|
||||||
|
===================================================================
|
||||||
|
diff --git a/plugin.cfg b/plugin.cfg
|
||||||
|
--- a/plugin.cfg (revision 4d1d9adb0ec125097466a4831f57a22069a0d638)
|
||||||
|
+++ b/plugin.cfg (revision 6a5782f32c139c6cec05341ffc530d05b0a44b06)
|
||||||
|
@@ -68,3 +68,4 @@
|
||||||
|
whoami:whoami
|
||||||
|
on:github.com/coredns/caddy/onevent
|
||||||
|
sign:sign
|
||||||
|
+unbound:github.com/coredns/unbound
|
42
hosts/pre-router/dhcp.nix
Normal file
42
hosts/pre-router/dhcp.nix
Normal file
@ -0,0 +1,42 @@
|
|||||||
|
{ config, pkgs, ...}:
|
||||||
|
|
||||||
|
{
|
||||||
|
services.kea.dhcp4 = {
|
||||||
|
enable = true;
|
||||||
|
settings = {
|
||||||
|
interfaces-config = {
|
||||||
|
interfaces = [ "ens19"];
|
||||||
|
};
|
||||||
|
lease-database = {
|
||||||
|
name = "/var/lib/kea/dhcp4.leases";
|
||||||
|
persist = true;
|
||||||
|
type = "memfile";
|
||||||
|
};
|
||||||
|
subnet4 = [
|
||||||
|
# Heimnetz
|
||||||
|
{
|
||||||
|
subnet = "10.42.10.1/24";
|
||||||
|
pools = [
|
||||||
|
{
|
||||||
|
pool = "10.42.10.50 - 10.42.10.240";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
option-data = [
|
||||||
|
{
|
||||||
|
name = "routers";
|
||||||
|
data = "10.42.10.1";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
name = "domain-name-servers";
|
||||||
|
data = "10.42.10.1";
|
||||||
|
}
|
||||||
|
{
|
||||||
|
name = "domain-name";
|
||||||
|
data = "bula.entr0py.cloud";
|
||||||
|
}
|
||||||
|
];
|
||||||
|
}
|
||||||
|
];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
40
hosts/pre-router/dns.nix
Normal file
40
hosts/pre-router/dns.nix
Normal file
@ -0,0 +1,40 @@
|
|||||||
|
{ config, pkgs, lib, ...}:
|
||||||
|
|
||||||
|
{
|
||||||
|
networking.firewall.interfaces.ens19.allowedUDPPorts = [ 53 ];
|
||||||
|
services.coredns = {
|
||||||
|
enable = true;
|
||||||
|
config = ''
|
||||||
|
.:53 {
|
||||||
|
log
|
||||||
|
cache
|
||||||
|
unbound
|
||||||
|
}
|
||||||
|
'';
|
||||||
|
package = lib.fix (self: (pkgs.buildGoModule {
|
||||||
|
inherit (pkgs.coredns) pname version src postPatch;
|
||||||
|
|
||||||
|
patches = pkgs.coredns.patches or [ ] ++ [
|
||||||
|
./coredns-unbound.patch
|
||||||
|
];
|
||||||
|
|
||||||
|
buildInputs = [ pkgs.unbound ];
|
||||||
|
|
||||||
|
vendorSha256 = "sha256-48S1oT+5uT6d+AM8u93AOTbJkW3CLtaowGv+th3cfyM=";
|
||||||
|
|
||||||
|
preBuild = ''
|
||||||
|
go generate
|
||||||
|
|
||||||
|
postInstall () {
|
||||||
|
cp go.mod $out
|
||||||
|
}
|
||||||
|
'';
|
||||||
|
|
||||||
|
}).overrideAttrs(old: {
|
||||||
|
preBuild = ''
|
||||||
|
cp ${self.passthru.go-modules}/go.mod .
|
||||||
|
go generate
|
||||||
|
'';
|
||||||
|
}));
|
||||||
|
};
|
||||||
|
}
|
38
hosts/pre-router/hardware-configuration.nix
Normal file
38
hosts/pre-router/hardware-configuration.nix
Normal file
@ -0,0 +1,38 @@
|
|||||||
|
# Do not modify this file! It was generated by ‘nixos-generate-config’
|
||||||
|
# and may be overwritten by future invocations. Please make changes
|
||||||
|
# to /etc/nixos/configuration.nix instead.
|
||||||
|
{ config, lib, pkgs, modulesPath, ... }:
|
||||||
|
|
||||||
|
{
|
||||||
|
imports =
|
||||||
|
[ (modulesPath + "/profiles/qemu-guest.nix")
|
||||||
|
];
|
||||||
|
|
||||||
|
boot.initrd.availableKernelModules = [ "ata_piix" "uhci_hcd" "virtio_pci" "virtio_scsi" "sd_mod" "sr_mod" ];
|
||||||
|
boot.initrd.kernelModules = [ ];
|
||||||
|
boot.kernelModules = [ "kvm-intel" ];
|
||||||
|
boot.extraModulePackages = [ ];
|
||||||
|
|
||||||
|
fileSystems."/" =
|
||||||
|
{ device = "/dev/disk/by-uuid/9f5666bc-eb56-400b-a8f2-5e860deebdc2";
|
||||||
|
fsType = "ext4";
|
||||||
|
};
|
||||||
|
|
||||||
|
fileSystems."/boot" =
|
||||||
|
{ device = "/dev/disk/by-uuid/EA3E-948D";
|
||||||
|
fsType = "vfat";
|
||||||
|
};
|
||||||
|
|
||||||
|
swapDevices =
|
||||||
|
[ { device = "/dev/disk/by-uuid/7934574a-acf8-48b9-8f59-f25080ddea70"; }
|
||||||
|
];
|
||||||
|
|
||||||
|
# Enables DHCP on each ethernet and wireless interface. In case of scripted networking
|
||||||
|
# (the default) this is the recommended approach. When using systemd-networkd it's
|
||||||
|
# still possible to use this option, but it's recommended to use it in conjunction
|
||||||
|
# with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
|
||||||
|
networking.useDHCP = lib.mkDefault true;
|
||||||
|
# networking.interfaces.ens18.useDHCP = lib.mkDefault true;
|
||||||
|
|
||||||
|
hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
|
||||||
|
}
|
57
hosts/pre-router/ipv6.nix
Normal file
57
hosts/pre-router/ipv6.nix
Normal file
@ -0,0 +1,57 @@
|
|||||||
|
{ config, pkgs, ...}:
|
||||||
|
|
||||||
|
{
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
wireguard-tools
|
||||||
|
];
|
||||||
|
|
||||||
|
networking = {
|
||||||
|
firewall.allowedUDPPorts = [ 51820 ];
|
||||||
|
firewall.trustedInterfaces = [ "ens19"];
|
||||||
|
iproute2.enable = true;
|
||||||
|
iproute2.rttablesExtraConfig = ''
|
||||||
|
100 PUBLIC6
|
||||||
|
'';
|
||||||
|
wireguard.enable = true;
|
||||||
|
wireguard.interfaces = {
|
||||||
|
wg0 = {
|
||||||
|
ips = [ "fe80::42:10:1/64" ];
|
||||||
|
privateKey = "SUPERSECRETKEY";
|
||||||
|
listenPort = 51820;
|
||||||
|
allowedIPsAsRoutes = false;
|
||||||
|
postSetup = ''
|
||||||
|
ip -6 rule add from 2a01:4f8:1c0c:8221::/64 lookup PUBLIC6
|
||||||
|
ip -6 route add default via fe80::1 dev wg0 table PUBLIC6
|
||||||
|
'';
|
||||||
|
peers = [{
|
||||||
|
publicKey = "Y++eB9SfU17zB4mJ/6AaN761tngXAyTNoVaPNKmuvls=";
|
||||||
|
allowedIPs = [ "::/0" ];
|
||||||
|
endpoint = "78.47.183.82:51876";
|
||||||
|
#endpoint = "gatekeeper.net.clerie.de:51876";
|
||||||
|
persistentKeepalive = 25;
|
||||||
|
}];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
boot.kernel.sysctl."net.ipv6.conf.all.forwarding" = 1;
|
||||||
|
networking.interfaces.ens19.ipv6.addresses = [{
|
||||||
|
address = "2a01:4f8:1c0c:8221::1";
|
||||||
|
prefixLength = 64;
|
||||||
|
}];
|
||||||
|
services.corerad = {
|
||||||
|
enable = true;
|
||||||
|
settings = {
|
||||||
|
interfaces = [
|
||||||
|
{
|
||||||
|
name = "ens19";
|
||||||
|
advertise = true;
|
||||||
|
prefix = [{ prefix = "2a01:4f8:1c0c:8221::/64";}];
|
||||||
|
mtu = 1420;
|
||||||
|
}];
|
||||||
|
debug = {
|
||||||
|
address = "localhost:9430";
|
||||||
|
prometheus = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
34
hosts/pre-router/nginx.nix
Normal file
34
hosts/pre-router/nginx.nix
Normal file
@ -0,0 +1,34 @@
|
|||||||
|
{ config, pkgs, ...}:
|
||||||
|
|
||||||
|
{
|
||||||
|
|
||||||
|
networking.interfaces = {
|
||||||
|
ens20 = {
|
||||||
|
ipv4.addresses = [{
|
||||||
|
address = "10.42.123.55";
|
||||||
|
prefixLength = 24;
|
||||||
|
}];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
networking.firewall.allowedTCPPorts = [ 80 443 ];
|
||||||
|
security.acme.acceptTerms = true;
|
||||||
|
security.acme.defaults.email = "letsencrypt@entr0py.de";
|
||||||
|
services.nginx = {
|
||||||
|
enable = true;
|
||||||
|
clientMaxBodySize = "400M";
|
||||||
|
recommendedGzipSettings = true;
|
||||||
|
recommendedOptimisation = true;
|
||||||
|
recommendedProxySettings = true;
|
||||||
|
recommendedTlsSettings = true;
|
||||||
|
};
|
||||||
|
services.nginx.virtualHosts."lightbuffet.entr0py.cloud" = { # Gitea hostname
|
||||||
|
enableACME = true; # Use ACME certs
|
||||||
|
forceSSL = true; # Force SSL
|
||||||
|
locations."/" = {
|
||||||
|
proxyPass = "https://10.42.123.20:8006";
|
||||||
|
proxyWebsockets = true;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
31
hosts/pre-router/router.nix
Normal file
31
hosts/pre-router/router.nix
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
{ config, pkgs, ...}:
|
||||||
|
|
||||||
|
{
|
||||||
|
|
||||||
|
environment.systemPackages = with pkgs; [
|
||||||
|
ethtool # manage NIC settings (offload, NIC feeatures, ...)
|
||||||
|
conntrack-tools # view network connection states
|
||||||
|
];
|
||||||
|
|
||||||
|
networking.firewall.interfaces.lan.allowedUDPPorts = [ 67 53 ];
|
||||||
|
networking = {
|
||||||
|
nameservers = [ "141.24.40.3" "141.24.40.4" ];
|
||||||
|
nat = {
|
||||||
|
enable = true;
|
||||||
|
extraCommands = "iptables -A INPUT -p icmp -j ACCEPT";
|
||||||
|
externalInterface = "ens18";
|
||||||
|
internalInterfaces = [ "ens19" ];
|
||||||
|
};
|
||||||
|
interfaces = {
|
||||||
|
ens19.useDHCP = false;
|
||||||
|
ens18.useDHCP = true;
|
||||||
|
# Handle the VLANs
|
||||||
|
ens19 = {
|
||||||
|
ipv4.addresses = [{
|
||||||
|
address = "10.42.10.1";
|
||||||
|
prefixLength = 24;
|
||||||
|
}];
|
||||||
|
};
|
||||||
|
};
|
||||||
|
};
|
||||||
|
}
|
15
users/garionion/default.nix
Normal file
15
users/garionion/default.nix
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
{ config, pkgs, ... }:
|
||||||
|
{
|
||||||
|
users.users.garionion = {
|
||||||
|
isNormalUser = true;
|
||||||
|
shell = pkgs.zsh;
|
||||||
|
packages = with pkgs; [
|
||||||
|
wget vim screen mtr iperf
|
||||||
|
htop dstat dnsutils nettools tcpdump
|
||||||
|
git bat starship direnv
|
||||||
|
];
|
||||||
|
hashedPassword = "$6$NMzXsfARs2HVA4iq$55uxWCANME/HsjIg9HmZyxqGwlr7RpJfCcMad2OhbmUiHhdnOh/v9TDwT3Vt0mu9HE37Fh3b1g2yyEa3Dxxg80";
|
||||||
|
extraGroups = [ "wheel" ]; # Enable ‘sudo’ for the user.
|
||||||
|
openssh.authorizedKeys.keys = ["ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAGw3Yuee8oSXSEqmoMzrqQrUizKV9sJbJMxAUC01wxvbxevAqFEpiGrznnu3K0HN3sfKItjqGkNDPDQ+mIlQwdwJAE0GyJIx9CMvo1RPugKSJ5rFh/vEgJTNMPaeYUb/L2rn3WEZHrZI5wwf+z4ljSHCVetAnaMKjk/+QQWgBHdvNImmA== gari@darwin"];
|
||||||
|
};
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user