Fix boot key setup
This commit is contained in:
parent
da6c027c3e
commit
9adffbe351
2 changed files with 10 additions and 3 deletions
|
@ -1,6 +1,8 @@
|
|||
{ ... }:
|
||||
{
|
||||
|
||||
m-0.server.initSSHKey = ./secret/boot_rsa;
|
||||
|
||||
# Use the systemd-boot EFI boot loader.
|
||||
boot = {
|
||||
loader = {
|
||||
|
|
|
@ -1,6 +1,11 @@
|
|||
{ config, pkgs, lib, ... }:
|
||||
with lib;
|
||||
{
|
||||
options = {
|
||||
m-0.server.initSSHKey = mkOption {
|
||||
type = types.path;
|
||||
};
|
||||
};
|
||||
|
||||
config = mkIf config.m-0.server.enable {
|
||||
boot.initrd = {
|
||||
|
@ -11,9 +16,9 @@ config = mkIf config.m-0.server.enable {
|
|||
authorizedKeys = config.users.users.root.openssh.authorizedKeys.keys;
|
||||
|
||||
# generate file with
|
||||
# dropbearkey -t rsa -f /etc/nixos/boot_rsa
|
||||
# nix-env -iA nixos.dropbear
|
||||
hostRSAKey = builtins.toPath "/etc/nixos/hosts/${config.networking.hostName}/secret/boot_rsa";
|
||||
# nix-shell -p dropbear
|
||||
# dropbearkey -t rsa -f boot_rsa
|
||||
hostRSAKey = config.m-0.server.initSSHKey;
|
||||
};
|
||||
};
|
||||
postMountCommands = "ip link set eth0 down";
|
||||
|
|
Loading…
Reference in a new issue