From d6d54e213e7d0b744d8add997d8e56b595d568ef Mon Sep 17 00:00:00 2001
From: Jan-Bulthuis <git@bulthuis.dev>
Date: Mon, 9 Jun 2025 02:36:07 +0200
Subject: [PATCH] Implement SSH domain integration

---
 modules/nixos/domain.nix | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/modules/nixos/domain.nix b/modules/nixos/domain.nix
index 5fc5e6b..696e487 100644
--- a/modules/nixos/domain.nix
+++ b/modules/nixos/domain.nix
@@ -78,6 +78,7 @@ in
     # Set up SSSD
     services.sssd = {
       enable = true;
+      sshAuthorizedKeysIntegration = true;
       config = ''
         [sssd]
         domains = ${domain}
@@ -100,6 +101,8 @@ in
         dyndns_refresh_interval = 3600
         dyndns_update_ptr = true
         dyndns_ttl = 3600
+        ldap_user_extra_attrs = altSecurityIdentities:altSecurityIdentities
+        ldap_user_ssh_public_key = altSecurityIdentities
       '';
     };
     systemd.services.sssd = {