make copernicus have a static ip

boxes/copernicus/default.nix

@@ -97,6 +97,15 @@
   nixpkgs.config.allowUnfree = true;
   networking = {
     hostName = "copernicus";
+    interfaces.eno1 = {
+      useDHCP = true;
+      ipv4.addresses = [
+        {
+          address = "192.168.1.201";
+          prefixLength = 24;
+        }
+      ];
+    };
     firewall = {
       enable = true;
       interfaces = {

boxes/copernicus/hardware-configuration.nix

@@ -28,13 +28,6 @@
     [ { device = "/dev/disk/by-uuid/fc5366cc-2cec-415e-85dd-7c01a4e4fb4f"; }
     ];
 
-  # Enables DHCP on each ethernet and wireless interface. In case of scripted networking
-  # (the default) this is the recommended approach. When using systemd-networkd it's
-  # still possible to use this option, but it's recommended to use it in conjunction
-  # with explicit per-interface declarations with `networking.interfaces.<interface>.useDHCP`.
-  networking.useDHCP = lib.mkDefault true;
-  # networking.interfaces.eno1.useDHCP = lib.mkDefault true;
-
   nixpkgs.hostPlatform = lib.mkDefault "x86_64-linux";
   hardware.cpu.intel.updateMicrocode = lib.mkDefault config.hardware.enableRedistributableFirmware;
 }

boxes/copernicus/services/default.nix

@@ -3,5 +3,6 @@
 {
   imports = [
     ./wireguard.nix
+    ./sshd.nix
   ];
 }

boxes/copernicus/services/sshd.nix

@@ -0,0 +1,17 @@
+{ machines, ...}:
+
+{
+  services.openssh = {
+    enable = true;
+    settings = {
+      PermitRootLogin = "no";
+      PasswordAuthentication = false;
+    };
+  };
+
+  users.users.usr.openssh.authorizedKeys.keys = [
+    machines.copernicus.pubkey
+    machines.aristotle.pubkey
+    machines.phone.pubkey
+  ];
+}

boxes/netbox/default.nix

@@ -1,4 +1,4 @@
-{ lib, config, pkgs, machines, ... }:
+{ pkgs, ... }:
 
 {
   imports = [