more ssh keys allowed

home-modules/nx-gcal-event.nix

@@ -1,4 +1,4 @@
-{ pkgs, ... }@all: with all;
+{ pkgs, ... }@all: with all; let
   sep = " ";
 in {
   home = {

home-modules/ssh.nix

@@ -7,7 +7,7 @@
         host = name;
         hostname = "ssh.${hyper.domain}";
         user = hyper.user;
-        port = secrets.ssh.port;
+        port = 50022;
         identityFile = "${hyper.home}/vault/ssh/nxace-nx2-${hyper.host}";
       };
     in {
@@ -23,24 +23,31 @@
   };
   home.packages = with pkgs; [ sshfs ];
 
-  services.gpg-agent = let 
+  services = {
-    min2sec = min: (min * 60);
+    ssh-agent = {
-  in {
+      enable = true;
-    enable = false;
+      # socket = "ssh-agent"; # suffix to $XDG_RUNTIME_DIR
-    verbose = true;
+      # package = pkgs.openssh;
-    sshKeys = [
+    };
-      "97081264F7FD72D890D496E839AA9A4C7892A7D8" # Keygrip (not Fingerprint!) of [A] Subkey
+    gpg-agent = let 
-    ];
+      min2sec = min: (min * 60);
-    enableSshSupport = true;
+    in {
-    enableFishIntegration = true;
+      enable = false;
-    defaultCacheTtlSsh = min2sec 60;
+      verbose = true;
-    defaultCacheTtl = min2sec 30;
+      sshKeys = [
-    pinentry = {
+        "97081264F7FD72D890D496E839AA9A4C7892A7D8" # Keygrip (not Fingerprint!) of [A] Subkey
-      package = pkgs.pinentry;
+      ];
-      program = "pinentry";
+      enableSshSupport = true;
+      enableFishIntegration = true;
+      defaultCacheTtlSsh = min2sec 60;
+      defaultCacheTtl = min2sec 30;
+      pinentry = {
+        package = pkgs.pinentry;
+        program = "pinentry";
+      };
+      extraConfig = ''
+        allow-loopback-pinentry
+      '';
     };
-    extraConfig = ''
-      allow-loopback-pinentry
-    '';
   };
 }

nixos-wsl.nix

@@ -8,13 +8,9 @@
     ./system-modules/gpg.nix
     ./system-modules/networking.nix
     ./system-modules/nixd.nix
-    # ./system-modules/sops.nix
-    # ./system-modules/sshd.nix
-    # ./system-modules/syncthing.nix
     ./system-modules/users.nix
   ];
   system.stateVersion = pkgs.version;
-  # system.stateVersion = "24.11";
   wsl = {
     defaultUser = hyper.user;
     enable = true;
@@ -31,6 +27,5 @@
       ];
     };
   };
-
   nixpkgs.hostPlatform = hyper.system;
 }

system-modules/gpg.nix

@@ -1,14 +1,8 @@
-{ pkgs, ... }@all: with all;
+{ pkgs, ... }@all: with all; {
-{
-  environment.systemPackages = with pkgs; [
-    gnupg
-    gpg-tui
-  ];
-
   programs.gnupg = {
     dirmngr.enable = true;
     agent = {
-      enable = true;
+      enable = false;
       enableSSHSupport = true;
       enableExtraSocket = true;
       enableBrowserSocket = true;

system-modules/users.nix

@@ -28,7 +28,9 @@
       useDefaultShell = true;
       openssh.authorizedKeys.keys = [
         "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAID1RPCcS8DtIf75a2FEW4d8X6WTVeLlmretoLqppvZlJ" # From [A] GPG Sub Key
-        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE5sYVtPLHXatTjrpol46xr9R4TidcB4t8axO6/ReNNR nx2@ssh.nx2.site" # NxXPS
+        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE5sYVtPLHXatTjrpol46xr9R4TidcB4t8axO6/ReNNR nxxps-nx2@nxace"
+        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC/zcoYuYbamTPMOZPfsP1yQJ5Y6sDlPfBwui8MQjKWn nxnorth-nx2@nxace"
+        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMnbJx7nVeVi5jK1Eybm+jQoopiCTslewuHFLv2yCt4f nxdcs-nx2@nxace"
       ];
     };
   };