28 lines
1,004 B
Nix
28 lines
1,004 B
Nix
{ config, pkgs, ... }:
|
|
|
|
{
|
|
# Note: This implementation currently only allows eno1 (first interface) with dhcp.
|
|
boot.initrd.network = {
|
|
enable = true;
|
|
ssh = {
|
|
enable = true;
|
|
port = 2222;
|
|
# this includes the ssh keys of all users in the wheel group,
|
|
# but you can just specify some keys manually
|
|
#authorizedKeys = with lib; concatLists (mapAttrsToList (name: user: if elem "wheel" user.extraGroups then user.openssh.authorizedKeys.keys else []) config.users.users);
|
|
hostRSAKey = /boot/dropbear_rsa_host_key;
|
|
hostECDSAKey = /boot/dropbear_ecdsa_host_key;
|
|
# Key generation with dropbearkey -t <type> -f <output-keyfile>
|
|
};
|
|
postCommands = ''
|
|
echo 'cryptsetup-askpass' >> /root/.profile
|
|
'';
|
|
};
|
|
boot.kernelParams = [
|
|
"ip=10.1.2.2::10.1.2.1:255.255.255.0:montalin:eno1:none"
|
|
]; # see https://www.kernel.org/doc/Documentation/filesystems/nfs/nfsroot.txt
|
|
|
|
boot.initrd.postMountCommands = ''
|
|
ip link set eno1 down
|
|
'';
|
|
}
|