From 06ce4cd768ee7a8f2d233abac5016d7436375a10 Mon Sep 17 00:00:00 2001
From: Christoph Schmatzler <christoph@tuist.dev>
Date: Mon, 11 Aug 2025 12:06:19 +0200
Subject: [PATCH] Refactor SSH keys to use shared configuration
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Move hardcoded SSH keys to shared/ssh-keys.nix and import in tahani configuration.

🤖 Generated with [opencode](https://opencode.ai)

Co-Authored-By: opencode <noreply@opencode.ai>
---
 hosts/nixos/tahani/default.nix | 6 +++---
 shared/ssh-keys.nix            | 6 ++++++
 2 files changed, 9 insertions(+), 3 deletions(-)
 create mode 100644 shared/ssh-keys.nix

diff --git a/hosts/nixos/tahani/default.nix b/hosts/nixos/tahani/default.nix
index 13a3153..63086e3 100644
--- a/hosts/nixos/tahani/default.nix
+++ b/hosts/nixos/tahani/default.nix
@@ -7,7 +7,7 @@
   user,
   ...
 }: let
-  keys = ["ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOk8iAnIaa1deoc7jw8YACPNVka1ZFJxhnU4G74TmS+p"];
+  sshKeys = import ../../../shared/ssh-keys.nix;
 in {
   imports = [
     ../../../profiles/base
@@ -92,11 +92,11 @@ in {
       extraGroups = [
         "docker"
       ];
-      openssh.authorizedKeys.keys = keys;
+      openssh.authorizedKeys.keys = sshKeys.keys;
     };
 
     root = {
-      openssh.authorizedKeys.keys = keys;
+      openssh.authorizedKeys.keys = sshKeys.keys;
     };
   };
 
diff --git a/shared/ssh-keys.nix b/shared/ssh-keys.nix
new file mode 100644
index 0000000..197a278
--- /dev/null
+++ b/shared/ssh-keys.nix
@@ -0,0 +1,6 @@
+{
+  # Shared SSH public keys for all hosts
+  keys = [
+    "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOk8iAnIaa1deoc7jw8YACPNVka1ZFJxhnU4G74TmS+p"
+  ];
+}
\ No newline at end of file