fabianhauser/dotfiles
1
0
Fork 0
Code Issues 4 Pull requests 1 Projects Releases Packages Wiki Activity Actions

Add dropbear

Browse source
This commit is contained in:
Fabian Hauser 2020-02-26 20:54:29 +00:00
parent de5e7866c5
commit d8402078bd
1 changed files with 26 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

26
host/montalin.nix
View file

@ -27,6 +27,32 @@
[ { device = "/dev/mapper/swap"; } [ { device = "/dev/mapper/swap"; }
]; ];
boot.loader.timeout = 2;
boot.initrd.availableKernelModules = [ "virtio-pci" "e1000e" ];
boot.initrd.network = {
enable = true;
ssh = {
enable = true;
port = 2222;
# hostECDSAKey = /var/src/secrets/dropbear/ecdsa-hostkey;
# this includes the ssh keys of all users in the wheel group, but you can just specify some keys manually
# authorizedKeys = with lib; concatLists (mapAttrsToList (name: user: if elem "wheel" user.extraGroups then user.openssh.authorizedKeys.keys else []) config.users.users);
# Key generation with dropbearkey -t <type> -f <output-keyfile>
hostRSAKey = /boot/dropbear_rsa_host_key;
hostECDSAKey = /boot/dropbear_ecdsa_host_key;
};
postCommands = ''
echo 'cryptsetup-askpass' >> /root/.profile
'';
};
boot.kernelParams = ["ip=::::montalin:eth0:dhcp"];
boot.initrd.postMountCommands = ''
ip link set eth0 down
'';
# Use the systemd-boot EFI boot loader. # Use the systemd-boot EFI boot loader.
boot.loader.systemd-boot.enable = true; boot.loader.systemd-boot.enable = true;
boot.loader.efi.canTouchEfiVariables = true; boot.loader.efi.canTouchEfiVariables = true;