feat: add public ssh key to the secrets file

.gitignore

@@ -7,7 +7,3 @@ secrets.nix
 
 # Only track the example file
 !secrets.nix.example
-
-# IDEs
-.idea
-.vscode

README.md

@@ -5,7 +5,7 @@ nixos config for the hetzner vps.
 services:
 - forgejo (git.extremist.software)
 - stalwart (mail.extremist.software)
-- searx (search.extremist.software)
+- searxng (search.extremist.software)
 - conduit (matrix.extremist.software)
 - minecraft (extremist.software)
 - caddy (reverse proxy)

configuration.nix

@@ -34,8 +34,7 @@
   
   # Users
   users.users.root.openssh.authorizedKeys.keys = [
-    # User should add their key here
+    config.mySecrets.sshPublicKey
-    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5..." 
   ];
 
   # SSH - Secure it

modules/minecraft.nix

@@ -15,10 +15,10 @@
         # Use fetchPackwizModpack to get the server with mods
         package = pkgs.fetchPackwizModpack {
           url = "https://raw.githubusercontent.com/Fabulously-Optimized/fabulously-optimized/main/Packwiz/1.20.1/pack.toml";
-          packHash = "sha256-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA="; # User must update this hash!
+          packHash = "sha256-eoaJQtlb6BfCFVG8iUYxVQD5woLq+kecJj6GvBA1IqQ="; # User must update this hash!
         };
         serverProperties = {
-          motd = "Extremist Software Optimized Server";
+          motd = "Extremist Software Minecraft Server";
           difficulty = "hard";
           view-distance = 10;
           simulation-distance = 10;

modules/secrets-scheme.nix

@@ -24,5 +24,9 @@ with lib;
       type = types.str;
       description = "Tailscale Auth Key";
     };
+    sshPublicKey = mkOption {
+      type = types.str;
+      description = "SSH Public Key for Root User";
+    };
   };
 }

secrets.nix.example

@@ -8,5 +8,6 @@
     searxKey = "changeme_searx_secret";
     minecraftRcon = "changeme_rcon";
     tailscaleKey = "tskey-auth-PLACEHOLDER";
+    sshPublicKey = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAA...";
   };
 }