diff options
| -rw-r--r-- | src/config/known-hosts.txt | 5 | ||||
| -rw-r--r-- | src/guix/system.scm | 6 |
2 files changed, 11 insertions, 0 deletions
diff --git a/src/config/known-hosts.txt b/src/config/known-hosts.txt new file mode 100644 index 0000000..74ba219 --- /dev/null +++ b/src/config/known-hosts.txt @@ -0,0 +1,5 @@ +# rsync.net public keys +# Verified in 2023-03-08 at: +# https://www.rsync.net/resources/fingerprints.txt + +hk-s020.rsync.net ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILcPl9x9JfRFwsn09NnDw/xBZbAN80ZQck+h6AqlVqPH diff --git a/src/guix/system.scm b/src/guix/system.scm index 0aa0b5d..9d317bd 100644 --- a/src/guix/system.scm +++ b/src/guix/system.scm @@ -41,6 +41,10 @@ path) "src/tld.txt")) +(define +known-hosts+ + ((compose pkg:slurp path) + "src/config/known-hosts.txt")) + (define +cert.pem+ (pkg:str "/etc/letsencrypt/live/" +tld+ "/cert.pem")) (define +privkey.pem+ (pkg:str "/etc/letsencrypt/live/" +tld+ "/privkey.pem")) @@ -112,6 +116,8 @@ (service q:cyrus-sasl-service-type) (service q:dovecot-service-type) (service q:internet-postfix-service-type) + (simple-service 'known-hosts-etc-file etc-service-type + `(("known_hosts" ,(plain-file "known-hosts.txt" +known-hosts+)))) (service mail-aliases-service-type `(("root" "andre") ("support" ,@(map s1:first +users+))))) |