restructure homebox

modules/features/openssh.nix

@@ -8,7 +8,6 @@
                 enable = true;
                 openFirewall = lib.mkDefault true;
                 settings = {
-                    PermitRootLogin = lib.mkForce "no";
                     PasswordAuthentication = false;
                     KbdInteractiveAuthentication = false;
                 };

modules/hosts/homebox/configuration.nix

@@ -48,6 +48,11 @@
 
             systemd.settings.Manager.DefaultLimitNOFILE = 2048;
 
+            users.users.root.openssh.authorizedKeys.keys = [
+                "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsU69CxfQk58CvItPN426h5Alnpb60SH37wet97Vb57 nathan@laptop"
+                    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEnUhN2uHwAJF/SLRX3wlGRmfhV3zpP88JQAYB+gh8jW nathan@localhost"
+            ];
+
             programs.zsh.enable = true;
             environment.shells = with pkgs; [ zsh bashInteractive ];
 

modules/users/nathan/nathan.nix

@@ -16,7 +16,7 @@
                 name = lib.mkDefault "nathan";
                 isNormalUser = lib.mkDefault true;
 #hashedPasswordFile = lib.mkIf (cfg.hashedPasswordFile != null) cfg.hashedPasswordFile;
-                extraGroups = [ "networkmanager" "docker" "libvirtd" ];
+                extraGroups = [ "networkmanager" "docker" "libvirtd" "wheel" ];
                 openssh.authorizedKeys.keys = lib.mkMerge [
                     (useWith homebox [
                         "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAsU69CxfQk58CvItPN426h5Alnpb60SH37wet97Vb57 nathan@laptop"