nix: use `nix.settings`

[julm/julm-nix.git] / hosts / oignon / networking.nix

diff --git a/hosts/oignon/networking.nix b/hosts/oignon/networking.nix
index 7df41545c962dcc370d6ccae2f61bb980603a6c9..a4e08610f827eea9301749431f0d3d5bb2bd1a59 100644 (file)
--- a/hosts/oignon/networking.nix
+++ b/hosts/oignon/networking.nix
@@ -3,6 +3,10 @@
   imports = [
     ../../nixos/profiles/dnscrypt-proxy2.nix
     ../../nixos/profiles/wireguard/wg-intra.nix
+    ../../nixos/profiles/networking/ssh.nix
+    ../../nixos/profiles/networking/wifi.nix
+    ../../nixos/profiles/openvpn/calyx.nix
+    ./wireguard.nix
     networking/nftables.nix
   ];
   install.substituteOnDestination = false;
@@ -60,18 +64,12 @@
     '';
   };
 
-  networking.wireguard.wg-intra.peers = {
-    mermet.enable = true;
-    losurdo.enable = true;
-    patate.enable = true;
-    aubergine.enable = true;
-  };
-
-  services.openssh.listenAddresses = [
-  ];
-
   environment.systemPackages = [
     pkgs.iw
     pkgs.modem-manager-gui
   ];
+
+  systemd.services.sshd.serviceConfig.LoadCredentialEncrypted = [
+    "host.key:${ssh/host.key.cred}"
+  ];
 }