forked from c3d2/nix-config
baremetal: add untested ssh unlock in initrd
This commit is contained in:
parent
d4bcd1161e
commit
23a1aecaf5
|
@ -4,6 +4,24 @@
|
||||||
options.c3d2.baremetal = lib.mkEnableOption "baremetal";
|
options.c3d2.baremetal = lib.mkEnableOption "baremetal";
|
||||||
|
|
||||||
config = lib.mkIf config.c3d2.baremetal {
|
config = lib.mkIf config.c3d2.baremetal {
|
||||||
|
boot.initrd.network = {
|
||||||
|
enable = true;
|
||||||
|
ssh = {
|
||||||
|
enable = true;
|
||||||
|
authorizedKeys = config.users.users.root.openssh.authorizedKeys.keys;
|
||||||
|
hostKeys = [
|
||||||
|
"/etc/ssh/initrd/ssh_host_ed25519_key"
|
||||||
|
"/etc/ssh/initrd/ssh_host_rsa_key"
|
||||||
|
];
|
||||||
|
port = 4748;
|
||||||
|
};
|
||||||
|
postCommands = ''
|
||||||
|
cat <<EOF > /root/.profile
|
||||||
|
cryptsetup-askpass
|
||||||
|
EOF
|
||||||
|
'';
|
||||||
|
};
|
||||||
|
|
||||||
environment.systemPackages = with pkgs; [
|
environment.systemPackages = with pkgs; [
|
||||||
lshw
|
lshw
|
||||||
pciutils # lscpi
|
pciutils # lscpi
|
||||||
|
|
Loading…
Reference in New Issue
Block a user