remove dataHost option

improve certificate directory structure

nixos/machines/default.nix

@@ -1,4 +1,21 @@
 {
+  atlas = {
+    type = "physical";
+
+    nixosModule.lab = {
+      storage = {
+        osDisk = "/dev/sda";
+        dataPartition = "/dev/nvme0n1p1";
+      };
+
+      ssh = {
+        useCertificates = true;
+        hostCert = builtins.readFile ./certificates/atlas/host_ed25519.crt;
+        userCert = builtins.readFile ./certificates/atlas/user_ed25519.crt;
+      };
+    };
+  };
+
   jefke = {
     type = "physical";
 
@@ -13,36 +30,20 @@
 
         ssh = {
           useCertificates = true;
-          # TODO: automatically set this?
-          hostCert = builtins.readFile ./jefke_host_ed25519-cert.pub;
-          userCert = builtins.readFile ./jefke_user_ed25519-cert.pub;
+          hostCert = builtins.readFile ./certificates/jefke/host_ed25519.crt;
+          userCert = builtins.readFile ./certificates/jefke/user_ed25519.crt;
         };
       };
     };
   };
 
-  atlas = {
-    type = "physical";
-
-    nixosModule.lab = {
-      storage = {
-        osDisk = "/dev/sda";
-        dataPartition = "/dev/nvme0n1p1";
-      };
-
-      ssh = {
-        useCertificates = true;
-        hostCert = builtins.readFile ./atlas_host_ed25519-cert.pub;
-        userCert = builtins.readFile ./atlas_user_ed25519-cert.pub;
-      };
-    };
-  };
-
   lewis = {
     type = "physical";
 
     nixosModule.lab = {
-      dataHost.enable = true;
+      backups.enable = true;
+      data-sharing.enable = true;
+      networking.dmz.allowConnectivity = true;
 
       storage = {
         osDisk = "/dev/sda";
@@ -51,8 +52,8 @@
 
       ssh = {
         useCertificates = true;
-        hostCert = builtins.readFile ./lewis_host_ed25519-cert.pub;
-        userCert = builtins.readFile ./lewis_user_ed25519-cert.pub;
+        hostCert = builtins.readFile ./certificates/lewis/host_ed25519.crt;
+        userCert = builtins.readFile ./certificates/lewis/user_ed25519.crt;
       };
     };
   };