Clean up montalin configuration

role/base.nix

@@ -3,6 +3,9 @@
 
 {
   system.autoUpgrade.enable = true;
+  system.autoUpgrade.allowReboot = true;
+
+  boot.loader.timeout = 2;
 
   i18n = {
     consoleFont = "Lat2-Terminus16";

role/dropbear.nix

@@ -0,0 +1,26 @@
+{ config, pkgs, ... }:
+
+{
+  # Note: This implementation currently only allows eth0 (first interface) with dhcp.
+  boot.initrd.network = {
+    enable = true;
+    ssh = {
+      enable = true;
+      port = 2222;
+      # this includes the ssh keys of all users in the wheel group,
+      # but you can just specify some keys manually
+      #authorizedKeys = with lib; concatLists (mapAttrsToList (name: user: if elem "wheel" user.extraGroups then user.openssh.authorizedKeys.keys else []) config.users.users);
+      hostRSAKey = /boot/dropbear_rsa_host_key;
+      hostECDSAKey = /boot/dropbear_ecdsa_host_key;
+      # Key generation with dropbearkey -t <type> -f <output-keyfile>
+    };
+    postCommands = ''
+      echo 'cryptsetup-askpass' >> /root/.profile
+    '';
+  };
+  boot.kernelParams = ["ip=::::montalin:eth0:dhcp"];
+
+  boot.initrd.postMountCommands = ''
+    ip link set eth0 down
+  '';
+}