38 lines
1.1 KiB
Nix
38 lines
1.1 KiB
Nix
{ config, pkgs, lib, ... }:
|
|
|
|
# Note: This implementation currently only allows eno1 (first interface) with dhcp.
|
|
let
|
|
ip = "10.1.2.2";
|
|
gateway = "10.1.2.1";
|
|
netmask = "255.255.255.0";
|
|
hostname = config.networking.hostName;
|
|
primaryInterface = "eno1";
|
|
in {
|
|
boot.initrd.network = {
|
|
enable = true;
|
|
ssh = {
|
|
enable = true;
|
|
port = 2222;
|
|
authorizedKeys = with lib;
|
|
concatLists (mapAttrsToList (name: user:
|
|
if elem "wheel" user.extraGroups then
|
|
user.openssh.authorizedKeys.keys
|
|
else
|
|
[ ]) config.users.users);
|
|
hostRSAKey = /boot/dropbear_rsa_host_key;
|
|
hostECDSAKey = /boot/dropbear_ecdsa_host_key;
|
|
# Key generation with dropbearkey -t <type> -f <output-keyfile>
|
|
};
|
|
postCommands = ''
|
|
echo 'cryptsetup-askpass' >> /root/.profile
|
|
'';
|
|
};
|
|
|
|
boot.kernelParams = [
|
|
"ip=${ip}::${gateway}:${netmask}:${hostname}:${primaryInterface}:none"
|
|
]; # see https://www.kernel.org/doc/Documentation/filesystems/nfs/nfsroot.txt
|
|
|
|
boot.initrd.postMountCommands = ''
|
|
ip link set ${primaryInterface} down
|
|
'';
|
|
}
|