From 0cc1e79966d069191967aa577ca19046ab4d4188 Mon Sep 17 00:00:00 2001 From: Nikolaos Karaolidis Date: Fri, 14 Mar 2025 10:17:32 +0000 Subject: [PATCH] Add sas RSA key Signed-off-by: Nikolaos Karaolidis --- hosts/elara/configs/git/default.nix | 4 ++-- .../nikara/configs/console/git/default.nix | 8 +++++++ .../nikara/configs/console/ssh/default.nix | 22 ++++++++++++++---- packages/default.nix | 3 +++ .../ssh/known-hosts/sas/artifact/default.nix | 23 +++++++++++++++++++ 5 files changed, 53 insertions(+), 7 deletions(-) create mode 100644 packages/ssh/known-hosts/sas/artifact/default.nix diff --git a/hosts/elara/configs/git/default.nix b/hosts/elara/configs/git/default.nix index e6bbb82..0095134 100644 --- a/hosts/elara/configs/git/default.nix +++ b/hosts/elara/configs/git/default.nix @@ -9,9 +9,9 @@ let selfPkgs = inputs.self.packages.${system}; in { - sops.secrets."ssh/sas/key" = { + sops.secrets."ssh/sas/ed25519/key" = { sopsFile = ../../../../secrets/sas/secrets.yaml; - key = "ssh/key"; + key = "ssh/ed25519/key"; path = "/root/.ssh/ssh_sas_ed25519_key"; }; diff --git a/hosts/elara/users/nikara/configs/console/git/default.nix b/hosts/elara/users/nikara/configs/console/git/default.nix index 503a632..7130280 100644 --- a/hosts/elara/users/nikara/configs/console/git/default.nix +++ b/hosts/elara/users/nikara/configs/console/git/default.nix @@ -84,6 +84,13 @@ in port = 29418; identityFile = "${home}/.ssh/ssh_sas_ed25519_key"; }; + + "artifactlfs.unx.sas.com" = { + hostname = "artifactlfs.unx.sas.com"; + user = "nikara"; + port = 1339; + identityFile = "${home}/.ssh/ssh_sas_rsa_key"; + }; }; userKnownHostsFiles = @@ -93,6 +100,7 @@ in ++ lib.lists.optionals config.sas.build.private [ ssh-known-hosts-sas-gitlab ssh-known-hosts-sas-gerrit + ssh-known-hosts-sas-artifact ] ); }; diff --git a/hosts/elara/users/nikara/configs/console/ssh/default.nix b/hosts/elara/users/nikara/configs/console/ssh/default.nix index 3db90fa..2733836 100644 
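Review bot: The renamed lookup `key = "ssh/ed25519/key";` in hosts/elara/configs/git/default.nix only resolves if secrets/sas/secrets.yaml already stores the key under that nested path, and that file is not among the five files in this patch's diffstat. The same applies to the `ssh/ed25519/*` and new `ssh/rsa/*` entries in hosts/elara/users/nikara/configs/console/ssh/default.nix. If the secrets file is tracked separately (not visible here), confirm it was re-keyed before this lands, since a missing key would presumably surface as a sops-nix failure at build or activation. A short comment beside the first entry, such as `# layout: ssh/<keytype>/{key,pass} in secrets/sas/secrets.yaml`, would record the new structure.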
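Review bot: The new `"artifactlfs.unx.sas.com"` block in hosts/elara/users/nikara/configs/console/git/default.nix sets `identityFile` but nothing in the hunk restricts which keys are offered, so other keys loaded in the agent (the personal key, the SAS ed25519 key) may be presented to this host as well. If this attrset is a home-manager `programs.ssh.matchBlocks` entry (the enclosing option starts outside the hunk), adding `identitiesOnly = true;` limits authentication to the RSA key. The gerrit block just above may need the same setting; only its last lines are visible. A one-line comment stating why this host uses an RSA key instead of the existing ed25519 one would also help, as the patch gives no reason.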
--- a/hosts/elara/users/nikara/configs/console/ssh/default.nix +++ b/hosts/elara/users/nikara/configs/console/ssh/default.nix @@ -27,15 +27,26 @@ in key = "ssh/pass"; }; - "ssh/sas/key" = { + "ssh/sas/ed25519/key" = { sopsFile = ../../../../../../../secrets/sas/secrets.yaml; - key = "ssh/key"; + key = "ssh/ed25519/key"; path = "${home}/.ssh/ssh_sas_ed25519_key"; }; - "ssh/sas/pass" = { + "ssh/sas/ed25519/pass" = { sopsFile = ../../../../../../../secrets/sas/secrets.yaml; - key = "ssh/pass"; + key = "ssh/ed25519/pass"; + }; + + "ssh/sas/rsa/key" = { + sopsFile = ../../../../../../../secrets/sas/secrets.yaml; + key = "ssh/rsa/key"; + path = "${home}/.ssh/ssh_sas_rsa_key"; + }; + + "ssh/sas/rsa/pass" = { + sopsFile = ../../../../../../../secrets/sas/secrets.yaml; + key = "ssh/rsa/pass"; }; }; @@ -56,7 +67,8 @@ in clipbook.bookmarks = { "Personal SSH Key Passphrase".source = hmConfig.sops.secrets."ssh/personal/pass".path; - "SAS SSH Key Passphrase".source = hmConfig.sops.secrets."ssh/sas/pass".path; + "SAS SSH ED25519 Key Passphrase".source = hmConfig.sops.secrets."ssh/sas/ed25519/pass".path; + "SAS SSH RSA Key Passphrase".source = hmConfig.sops.secrets."ssh/sas/rsa/pass".path; }; }; }; diff --git a/packages/default.nix b/packages/default.nix index 5d2be5a..95a0936 100644 --- a/packages/default.nix +++ b/packages/default.nix @@ -30,6 +30,9 @@ ssh-known-hosts-github = import ./ssh/known-hosts/github { inherit pkgs inputs system; }; # SAS + ssh-known-hosts-sas-artifact = import ./ssh/known-hosts/sas/artifact { + inherit pkgs inputs system; + }; ssh-known-hosts-sas-cldlgn = import ./ssh/known-hosts/sas/cldlgn { inherit pkgs inputs system; }; ssh-known-hosts-sas-gerrit = import ./ssh/known-hosts/sas/gerrit { inherit pkgs inputs system; }; ssh-known-hosts-sas-gitlab = import ./ssh/known-hosts/sas/gitlab { inherit pkgs inputs system; }; 
diff --git a/packages/ssh/known-hosts/sas/artifact/default.nix b/packages/ssh/known-hosts/sas/artifact/default.nix
new file mode 100644
index 0000000..1c94e7e
--- /dev/null
+++ b/packages/ssh/known-hosts/sas/artifact/default.nix
@@ -0,0 +1,23 @@
+{
+ pkgs,
+ inputs,
+ system,
+ ...
+}:
+# AUTO-UPDATE: echo "Warning: Package using custom fetcher cannot be automatically updated." >&2
+pkgs.stdenv.mkDerivation rec {
+ pname = "ssh-known-hosts-sas-artifact";
+ version = "0-unstable-2025-03-14";
+
+ src = inputs.self.lib.${system}.fetchers.sshKnownHosts {
+ host = "artifactlfs.unx.sas.com";
+ port = 1339;
+ hash = "sha256-r3RaTj1GClvD0NwMwgNyfLYNBBjtGFu72CqB1L7f6wQ=";
+ };
+
+ phases = [ "installPhase" ];
+
+ installPhase = ''
+ cp $src $out
+ '';
+}
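Review bot: The `hash` passed to `fetchers.sshKnownHosts` pins whatever host keys the scan returned when the hash was computed, so trust in `artifactlfs.unx.sas.com` rests entirely on that first fetch, and the patch records no independent check. I would add a comment above `src` noting where the fingerprint was verified, e.g. `# host key fingerprint checked against <VERIFICATION_SOURCE_PLACEHOLDER> on 2025-03-14`. The fetcher's implementation is outside this patch, so whether it restricts the accepted key types is not visible. As a style point, `rec` on `mkDerivation` is unused, since no attribute refers to another.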