Fix boot key setup
This commit is contained in:
parent
da6c027c3e
commit
9adffbe351
2 changed files with 10 additions and 3 deletions
|
@ -1,6 +1,8 @@
|
||||||
{ ... }:
|
{ ... }:
|
||||||
{
|
{
|
||||||
|
|
||||||
|
m-0.server.initSSHKey = ./secret/boot_rsa;
|
||||||
|
|
||||||
# Use the systemd-boot EFI boot loader.
|
# Use the systemd-boot EFI boot loader.
|
||||||
boot = {
|
boot = {
|
||||||
loader = {
|
loader = {
|
||||||
|
|
|
@ -1,6 +1,11 @@
|
||||||
{ config, pkgs, lib, ... }:
|
{ config, pkgs, lib, ... }:
|
||||||
with lib;
|
with lib;
|
||||||
{
|
{
|
||||||
|
options = {
|
||||||
|
m-0.server.initSSHKey = mkOption {
|
||||||
|
type = types.path;
|
||||||
|
};
|
||||||
|
};
|
||||||
|
|
||||||
config = mkIf config.m-0.server.enable {
|
config = mkIf config.m-0.server.enable {
|
||||||
boot.initrd = {
|
boot.initrd = {
|
||||||
|
@ -11,9 +16,9 @@ config = mkIf config.m-0.server.enable {
|
||||||
authorizedKeys = config.users.users.root.openssh.authorizedKeys.keys;
|
authorizedKeys = config.users.users.root.openssh.authorizedKeys.keys;
|
||||||
|
|
||||||
# generate file with
|
# generate file with
|
||||||
# dropbearkey -t rsa -f /etc/nixos/boot_rsa
|
# nix-shell -p dropbear
|
||||||
# nix-env -iA nixos.dropbear
|
# dropbearkey -t rsa -f boot_rsa
|
||||||
hostRSAKey = builtins.toPath "/etc/nixos/hosts/${config.networking.hostName}/secret/boot_rsa";
|
hostRSAKey = config.m-0.server.initSSHKey;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
postMountCommands = "ip link set eth0 down";
|
postMountCommands = "ip link set eth0 down";
|
||||||
|
|
Loading…
Reference in a new issue