dannydannydanny/dotfiles
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Rename nixos-server to sunken-ship

Browse source 
- Rename hosts/nixos-server.nix -> sunken-ship.nix, nixos-server-hardware.nix -> sunken-ship-hardware.nix
- Flake: nixos-server -> sunken-ship, update module path
- Set networking.hostName = sunken-ship in server configs
- Update AGENTS.md, nixos/readme.md, docs/ssh-and-secrets.md, TODO.md

Made-with: Cursor
This commit is contained in:
DannyDannyDanny 2026-03-01 12:44:28 +01:00
parent cd7658f452
commit 1338fb1b68
9 changed files with 19 additions and 25 deletions
Download patch file Download diff file Expand all files Collapse all files

2
docs/ssh-and-secrets.md
View file

@ -6,7 +6,7 @@ Strategy for SSH key management and secrets with a public NixOS/dotfiles repo an
- **Repo:** Public only. No keys or tokens in the repo ([AGENTS.md](../AGENTS.md)).
- **SSH keys:** One key per purpose (e.g. `id_ed25519_github`, `id_ed25519_servers`, `id_ed25519_forgejo`). Configure `~/.ssh/config` with `IdentityFile` and `IdentitiesOnly yes` per host. Keys live outside the repo.
- **Server authorized_keys:** Not managed by Nix. Push public keys via `scp` and append to `~/.ssh/authorized_keys` on each server. See [server-quickstart.md](../server-quickstart.md) and comments in [nixos/hosts/nixos-server.nix](../nixos/hosts/nixos-server.nix).
- **Server authorized_keys:** Not managed by Nix. Push public keys via `scp` and append to `~/.ssh/authorized_keys` on each server. See [server-quickstart.md](../server-quickstart.md) and comments in [nixos/hosts/sunken-ship.nix](../nixos/hosts/sunken-ship.nix).
Benefits: no private repo, simple, works with public dotfiles. Trade-off: one-time (or scripted) scp step per server; authorized_keys are not declarative in Nix.