Makefile

@@ -76,8 +76,7 @@ configure:
 dotfiles/guile/ssh.txt: dotfiles/guile/ssh.scm
 	guile dotfiles/guile/ssh.scm > dotfiles/guile/ssh.txt
 
-.PHONY:
-decrypt:
+dotfiles/guixsd/modules/home/config/openssh.scm.gpg:
 	gpg --quiet --decrypt dotfiles/guixsd/modules/home/config/openssh.scm.gpg > dotfiles/guixsd/modules/home/config/openssh.scm
 
 .PHONY: dotfiles/scripts/nix-ssh-known-hosts-to-file.scm
@@ -127,7 +126,7 @@ dotfiles/mjru/intr.nix:
 	dotfiles/mjru/intr.nix > dotfiles/mjru/intr.json
 
 .PHONY: install
-install: decrypt dotfiles/guixsd/machines.scm dotfiles/nix/nix.conf dotfiles/scripts/nix-ssh-known-hosts-to-file.scm
+install: dotfiles/guixsd/modules/home/config/openssh.scm.gpg dotfiles/guixsd/machines.scm dotfiles/nix/nix.conf dotfiles/scripts/nix-ssh-known-hosts-to-file.scm
 	dot_local/bin/executable_gpg-unlock > /dev/null
 	update-desktop-database $(HOME)/.local/share/applications
 	mkdir -p $(HOME)/.config/mpv/scripts
@@ -319,7 +318,7 @@ isc-dhcp:
 
 container_registry=harbor.home.wugi.info
 .ONESHELL:
-guix-image-workstation:
+guix-image-workstation: dotfiles/guixsd/modules/home/config/openssh.scm.gpg
 	set -o nounset -o errexit -o pipefail -o xtrace
 	commit_8=$$(git rev-parse HEAD | cut -c -8)
 	container=$$(GUILE_LOAD_PATH="dotfiles/guixsd/modules:${GUILE_LOAD_PATH}" GUIX_PACKAGE_PATH="dotfiles/guixsd/modules:${GUIX_PACKAGE_PATH}" guix time-machine --channels=dotfiles/channels-current-guix-image-workstation.scm -- system image --substitute-urls='https://guix.wugi.info https://bordeaux.guix.gnu.org https://substitutes.nonguix.org http://ci.guix.trop.in' --max-layers=100 -t docker --network ~/.local/share/chezmoi/dotfiles/guixsd/guix-image-workstation.scm)

apps/cluster1/workstation/kustomization.yaml

@@ -10,10 +10,10 @@ patchesStrategicMerge:
 - daemonset.yaml
 images:
 - name: harbor.home.wugi.info/library/guix-image-workstation
-  newTag: "1b2d17c0"
+  newTag: "5a1fa712"
 - name: harbor.home.wugi.info/library/nixos-systemd
   newName: harbor.home.wugi.info/library/nixos-systemd-taskexecutor
-  newTag: e9222a59
+  newTag: f4a67d00
 - name: harbor.home.wugi.info/library/archlinux-systemd
   newTag: 08cf15ae
 - name: harbor.home.wugi.info/library/kali-rolling

dotfiles/guixsd/guix-image-workstation.scm

@@ -10,6 +10,7 @@
              (gnu home services shells)
              (gnu home services shells)
              (gnu home services sound)
+             (gnu home services ssh)
              (gnu home services)
              (gnu home)
              (gnu packages admin)
@@ -33,6 +34,7 @@
 (use-modules (services desktop)
              (services docker)
              (home config)
+             (home config openssh)
              (home services audio)
              (home services databases)
              (home services desktop)
@@ -79,7 +81,9 @@
 (define oleg-home
   (home-environment
    (packages (packages-from-manifest "/home/oleg/.local/share/chezmoi/dotfiles/manifests/pc0.scm"))
-   (services (list (service home-dbus-service-type)
+   (services (list (service home-openssh-service-type
+                            %home-openssh-configuration)
+                   (service home-dbus-service-type)
                    (service home-pipewire-service-type)
                    (simple-service 'test-config
                         home-xdg-configuration-files-service-type