WIP: modules/debug-locations

.sops.yaml

@@ -17,6 +17,10 @@ creation_rules:
     key_groups:
     - age:
       - *host_jokum
+      - *host_ildkule
+      - *host_bekkalokk
+      - *host_bicep
+
       - *user_danio
       - *user_felixalb
       - *user_eirikwit

base.nix

@@ -4,6 +4,7 @@
   imports = [
     ./users
     ./modules/snakeoil-certs.nix
+    ./modules/debug-locations.nix
   ];
 
   networking.domain = "pvv.ntnu.no";
@@ -84,6 +85,12 @@
     settings.PermitRootLogin = "yes";
   };
 
+  sops.age = {
+    sshKeyPaths = [ "/etc/ssh/ssh_host_ed25519_key" ];
+    keyFile = "/var/lib/sops-nix/key.txt";
+    generateKey = true;
+  };
+
   # nginx return 444 for all nonexistent virtualhosts
 
   systemd.services.nginx.after = [ "generate-snakeoil-certs.service" ];

modules/debug-locations.nix

@@ -0,0 +1,13 @@
+{ config, lib, ... }:
+let
+  cfg = config.environment.debug-locations;
+in
+{
+  options.environment.debug-locations = lib.mkOption {
+    description = "Paths and derivations to symlink in `/etc/debug`";
+    type = with lib.types; attrsOf path;
+    default = { };
+  };
+
+  config.environment.etc = lib.mapAttrs' (k: v: lib.nameValuePair "debug/${k}" { source = v; }) cfg;
+}