From 3b460e93e6481114a3183d55d6c7bfe662603e0d Mon Sep 17 00:00:00 2001
From: Jet Pham <jetthomaspham@gmail.com>
Date: Tue, 17 Feb 2026 00:55:23 -0800
Subject: [PATCH] feat: add public ssh key to the secrets file

---
 .gitignore                 | 4 ----
 README.md                  | 2 +-
 configuration.nix          | 3 +--
 modules/minecraft.nix      | 4 ++--
 modules/secrets-scheme.nix | 4 ++++
 secrets.nix.example        | 1 +
 6 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/.gitignore b/.gitignore
index 5279bb3..abe153a 100644
--- a/.gitignore
+++ b/.gitignore
@@ -7,7 +7,3 @@ secrets.nix
 
 # Only track the example file
 !secrets.nix.example
-
-# IDEs
-.idea
-.vscode
diff --git a/README.md b/README.md
index e490571..06566af 100644
--- a/README.md
+++ b/README.md
@@ -5,7 +5,7 @@ nixos config for the hetzner vps.
 services:
 - forgejo (git.extremist.software)
 - stalwart (mail.extremist.software)
-- searx (search.extremist.software)
+- searxng (search.extremist.software)
 - conduit (matrix.extremist.software)
 - minecraft (extremist.software)
 - caddy (reverse proxy)
diff --git a/configuration.nix b/configuration.nix
index 8f97cbb..0dd41cd 100644
--- a/configuration.nix
+++ b/configuration.nix
@@ -34,8 +34,7 @@
   
   # Users
   users.users.root.openssh.authorizedKeys.keys = [
-    # User should add their key here
-    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5..." 
+    config.mySecrets.sshPublicKey
   ];
 
   # SSH - Secure it
diff --git a/modules/minecraft.nix b/modules/minecraft.nix
index f4170b9..6d0e6c3 100644
--- a/modules/minecraft.nix
+++ b/modules/minecraft.nix
@@ -15,10 +15,10 @@
         # Use fetchPackwizModpack to get the server with mods
         package = pkgs.fetchPackwizModpack {
           url = "https://raw.githubusercontent.com/Fabulously-Optimized/fabulously-optimized/main/Packwiz/1.20.1/pack.toml";
-          packHash = "sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="; # User must update this hash!
+          packHash = "sha256-eoaJQtlb6BfCFVG8iUYxVQD5woLq+kecJj6GvBA1IqQ="; # User must update this hash!
         };
         serverProperties = {
-          motd = "Extremist Software Optimized Server";
+          motd = "Extremist Software Minecraft Server";
           difficulty = "hard";
           view-distance = 10;
           simulation-distance = 10;
diff --git a/modules/secrets-scheme.nix b/modules/secrets-scheme.nix
index c5e5b76..fbc3281 100644
--- a/modules/secrets-scheme.nix
+++ b/modules/secrets-scheme.nix
@@ -24,5 +24,9 @@ with lib;
       type = types.str;
       description = "Tailscale Auth Key";
     };
+    sshPublicKey = mkOption {
+      type = types.str;
+      description = "SSH Public Key for Root User";
+    };
   };
 }
diff --git a/secrets.nix.example b/secrets.nix.example
index 24856c8..4b59392 100644
--- a/secrets.nix.example
+++ b/secrets.nix.example
@@ -8,5 +8,6 @@
     searxKey = "changeme_searx_secret";
     minecraftRcon = "changeme_rcon";
     tailscaleKey = "tskey-auth-PLACEHOLDER";
+    sshPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAA...";
   };
 }