baremetal: add untested ssh unlock in initrd
This commit is contained in:
parent
d4bcd1161e
commit
23a1aecaf5
|
@ -4,6 +4,24 @@
|
|||
options.c3d2.baremetal = lib.mkEnableOption "baremetal";
|
||||
|
||||
config = lib.mkIf config.c3d2.baremetal {
|
||||
boot.initrd.network = {
|
||||
enable = true;
|
||||
ssh = {
|
||||
enable = true;
|
||||
authorizedKeys = config.users.users.root.openssh.authorizedKeys.keys;
|
||||
hostKeys = [
|
||||
"/etc/ssh/initrd/ssh_host_ed25519_key"
|
||||
"/etc/ssh/initrd/ssh_host_rsa_key"
|
||||
];
|
||||
port = 4748;
|
||||
};
|
||||
postCommands = ''
|
||||
cat <<EOF > /root/.profile
|
||||
cryptsetup-askpass
|
||||
EOF
|
||||
'';
|
||||
};
|
||||
|
||||
environment.systemPackages = with pkgs; [
|
||||
lshw
|
||||
pciutils # lscpi
|
||||
|
|
Loading…
Reference in New Issue