{ config, pkgs, ... }: { # Note: This implementation currently only allows eth0 (first interface) with dhcp. boot.initrd.network = { enable = true; ssh = { enable = true; port = 2222; # this includes the ssh keys of all users in the wheel group, # but you can just specify some keys manually #authorizedKeys = with lib; concatLists (mapAttrsToList (name: user: if elem "wheel" user.extraGroups then user.openssh.authorizedKeys.keys else []) config.users.users); hostRSAKey = /boot/dropbear_rsa_host_key; hostECDSAKey = /boot/dropbear_ecdsa_host_key; # Key generation with dropbearkey -t -f }; postCommands = '' echo 'cryptsetup-askpass' >> /root/.profile ''; }; boot.kernelParams = ["ip=::::montalin:eth0:dhcp"]; boot.initrd.postMountCommands = '' ip link set eth0 down ''; }