From 9adffbe35187c787c1dd2f8f2cd0a925b1fa8286 Mon Sep 17 00:00:00 2001
From: Malte Brandy
Date: Sun, 10 Feb 2019 01:53:24 +0100
Subject: [PATCH] Fix boot key setup
---
 hosts/hera/boot.nix | 2 ++
 system/modules/server/init_ssh.nix | 11 ++++++++---
 2 files changed, 10 insertions(+), 3 deletions(-)
diff --git a/hosts/hera/boot.nix b/hosts/hera/boot.nix
index 4e213492..e06e0706 100644
--- a/hosts/hera/boot.nix
+++ b/hosts/hera/boot.nix
@@ -1,6 +1,8 @@
 { ... }:
 {
+m-0.server.initSSHKey = ./secret/boot_rsa;
+
 # Use the systemd-boot EFI boot loader.
 boot = {
 loader = {
diff --git a/system/modules/server/init_ssh.nix b/system/modules/server/init_ssh.nix
index d9ad5d0e..b4fa3c74 100644
--- a/system/modules/server/init_ssh.nix
+++ b/system/modules/server/init_ssh.nix
@@ -1,6 +1,11 @@
 { config, pkgs, lib, ... }:
 with lib;
 {
+options = {
+ m-0.server.initSSHKey = mkOption {
+ type = types.path;
+ };
+};
 config = mkIf config.m-0.server.enable {
 boot.initrd = {
@@ -11,9 +16,9 @@ config = mkIf config.m-0.server.enable {
 authorizedKeys = config.users.users.root.openssh.authorizedKeys.keys;
 # generate file with
- # dropbearkey -t rsa -f /etc/nixos/boot_rsa
- # nix-env -iA nixos.dropbear
- hostRSAKey = builtins.toPath "/etc/nixos/hosts/${config.networking.hostName}/secret/boot_rsa";
+ # nix-shell -p dropbear
+ # dropbearkey -t rsa -f boot_rsa
+ hostRSAKey = config.m-0.server.initSSHKey;
 };
 };
 postMountCommands = "ip link set eth0 down";
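Review bot: The private host key is now referenced in hosts/hera/boot.nix as the path literal `./secret/boot_rsa`, and Nix copies a path literal into the world-readable store as soon as it is interpolated into a string or used as a derivation input, so this key should be treated as readable by every local user. Whether that copy happens depends on how the initrd SSH module consumes `hostRSAKey`, which is outside this patch. I would add a comment above the assignment, `# Dedicated initrd host key: never reuse the regular sshd host key, and keep secret/ out of any published repository.` The key-generation comment in the last hunk of init_ssh.nix could carry the same caveat and say that the generated `boot_rsa` belongs in the host's `secret/` directory.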
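Review bot: The new option `m-0.server.initSSHKey` in init_ssh.nix is declared with only a `type`, so nothing tells a host author what kind of file it expects or how sensitive it is. Because there is no `default`, a host that sets `m-0.server.enable` without defining the option fails at evaluation when `hostRSAKey` is read; failing closed is reasonable, but it should be documented. I would add `description = "Dropbear-format RSA host key used only by the initrd SSH server; do not reuse the regular sshd host key.";` inside the `mkOption`. The `config` block that follows continues outside the hunk.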