From 7c094f43c4009d9e4d3e2588f50d93ca054eeb9a Mon Sep 17 00:00:00 2001
From: niten <niten@fudo.org>
Date: Thu, 9 Dec 2021 10:28:02 -0800
Subject: [PATCH] Make plato, socrates, and limina hard

---
 hosts/limina.nix   |  1 +
 hosts/plato.nix    | 13 +------------
 hosts/socrates.nix |  9 +--------
 3 files changed, 3 insertions(+), 20 deletions(-)

diff --git a/hosts/limina.nix b/hosts/limina.nix
index d768ed6..9cf78b5 100644
--- a/hosts/limina.nix
+++ b/hosts/limina.nix
@@ -29,4 +29,5 @@
       private-key-file = "/state/ssh/initrd/ssh_ed25519_key";
     };
   };
+  hardened = true;
 }
diff --git a/hosts/plato.nix b/hosts/plato.nix
index e6c0ded..de2e4c2 100644
--- a/hosts/plato.nix
+++ b/hosts/plato.nix
@@ -1,21 +1,10 @@
 {
   description = "Niten's toy server.";
-  # ssh-fingerprints = [
-  #   "4 1 9cc052ed00cbfd82c60530ebb3a35c25c0aeace9"
-  #   "4 2 5938044054e9fa6cf3ad8176ef8e81b86eede598c19388220d4b07587f6f1c3c"
-  #   "1 1 eebe1d4a24e0e2dbc46a7cb1107333c06e60d89e"
-  #   "1 2 a96609da442372bd73044d823b4b56bbaa597725c846b4326be76c323bb47ab3"
-  # ];
   rp = "niten";
   admin-email = "niten@fudo.org";
   domain = "sea.fudo.org";
   site = "seattle";
   profile = "server";
-  # ssh-pubkey =
-  #   "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGuClWAtkOMBOVFAFFdWosCT8NvuJBps46P4RV+Qqz4b";
-  # build-pubkeys = [
-  #   "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDMPjwpcktL0Rhjc/D3ZmzwkSRqSJX5TGjMXVstpg8nNqQQrj9DxPq7gV4a+1LxMtQGPUv4gYx7De1a5LMVk8u6qJJnaLlt3TB1e1SUCBxxeh5sWIY5BMx8Q0/aRTkyTchyczX6FX0LXM7FP6yvxZVZSn2WHRp7REr8G1PUAwuIGy2a4bKOUSh5Uj4riXFXnROW2mp1vUfe5oH4X5HP3ACCXWRVUFdqDt1ldcrqqi+7/8x2G1eOHJcQ7B5FdL3uuq0nBrUzFQTt6KCHy0C2Jc3DFwOS1+ZdGKZpao+/arh/fH+LQfMUePx/AQOkYrJwvuRwbxg8XmlZ89u2gyDuqapzjBmsu+wyd5pF2QglyTRZW9Ijy1NTuzduPm6wgqN0Q09evFJvM9ZjShcIY3xTcCGDxpwTeYgMVXMF79sV9u+JwCSBpaIyteIJ7M/J/NWmaKoUF6Ia9mNts889Ba9TKzQFek19KYetOB2hfXV+7bvXrH+OBppzpdrztJFavBceQTs="
-  # ];
   tmp-on-tmpfs = false;
   arch = "x86_64-linux";
   nixos-system = true;
@@ -24,5 +13,5 @@
     public-key = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICgAzn6gyG1ze7L1WLU84poPGcoUntqfvgn+/s3bxhR2";
     key-path = "/state/master-key/key";
   };
-  # initrd-ip = "10.0.5.11";
+  hardened = true;
 }
diff --git a/hosts/socrates.nix b/hosts/socrates.nix
index ba412c6..8c565e5 100644
--- a/hosts/socrates.nix
+++ b/hosts/socrates.nix
@@ -1,18 +1,10 @@
 {
   description = "sea.fudo.org deploy server.";
-  # ssh-fingerprints = [
-  #   "1 1 4055c1d922ec858e703856dd76237f09219261e5"
-  #   "1 2 0f7bfa92fa0435785782b68ca4c9b71786d67df60804ea4b4c42ebb37d061659"
-  #   "4 1 5dc2b674554df5e042171b4045fcfe31f03ad01a"
-  #   "4 2 9bcf664a191e31bf53aa4728828480babdab5377da39a002324303c719b16a55"
-  # ];
   rp = "niten";
   admin-email = "niten@fudo.org";
   domain = "sea.fudo.org";
   site = "seattle";
   profile = "server";
-  # ssh-pubkey =
-  #   "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP4TqqumZwSDLkg8cTpR734zM+nuqEp1ufaQPoFdqCab";
   tmp-on-tmpfs = false;
   arch = "x86_64-linux";
   nixos-system = true;
@@ -29,4 +21,5 @@
       private-key-file = "/state/ssh/initrd/ssh_ed25519_key";
     };
   };
+  hardened = true;
 }