From d8402078bd3e40c8aaad60101dbdb4192bd54c2a Mon Sep 17 00:00:00 2001
From: Fabian
Date: Wed, 26 Feb 2020 20:54:29 +0000
Subject: [PATCH] Add dropbear
---
 host/montalin.nix | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)
diff --git a/host/montalin.nix b/host/montalin.nix
index 8c84733..cc4d9f2 100644
--- a/host/montalin.nix
+++ b/host/montalin.nix
@@ -27,6 +27,32 @@
 [ { device = "/dev/mapper/swap"; } ];
+
+ boot.loader.timeout = 2;
+ boot.initrd.availableKernelModules = [ "virtio-pci" "e1000e" ];
+ boot.initrd.network = {
+ enable = true;
+ ssh = {
+ enable = true;
+ port = 2222;
+ # hostECDSAKey = /var/src/secrets/dropbear/ecdsa-hostkey;
+ # this includes the ssh keys of all users in the wheel group, but you can just specify some keys manually
+ # authorizedKeys = with lib; concatLists (mapAttrsToList (name: user: if elem "wheel" user.extraGroups then user.openssh.authorizedKeys.keys else []) config.users.users);
+ # Key generation with dropbearkey -t -f
+ hostRSAKey = /boot/dropbear_rsa_host_key;
+ hostECDSAKey = /boot/dropbear_ecdsa_host_key;
+ };
+ postCommands = ''
+ echo 'cryptsetup-askpass' >> /root/.profile
+ '';
+ };
+ boot.kernelParams = ["ip=::::montalin:eth0:dhcp"];
+
+boot.initrd.postMountCommands = ''
+ ip link set eth0 down
+ '';
+
+
 # Use the systemd-boot EFI boot loader.
 boot.loader.systemd-boot.enable = true;
 boot.loader.efi.canTouchEfiVariables = true;
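Review bot: The two host keys in `boot.initrd.network.ssh` (`hostRSAKey`, `hostECDSAKey`) are Nix path literals pointing into `/boot`, and nothing in the hunk records that they must be initrd-only keys. As far as I know, a path literal is copied into the world-readable Nix store when the module interpolates it, and the initrd sits on the unencrypted boot partition. Anyone who can read either location can impersonate this unlock endpoint and collect the LUKS passphrase typed into `cryptsetup-askpass`. I would add a comment above the two options such as `# initrd-only host keys: end up in the Nix store and the unencrypted initrd, never reuse the system sshd keys`, and pin their fingerprints separately for port 2222 on the client. Separately, `authorizedKeys` is left commented out, so who gets the initrd root shell depends on the module default (root's keys, I believe). Setting it explicitly to the intended unlock keys would make that reviewable.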