fruitbasket/modules/core/initrd-ssh.nix

29 lines
969 B
Nix
Raw Normal View History

2024-01-25 19:40:22 +01:00
# Find the required kernel module for the network adapter using `lspci -v` and add it to `boot.initrd.availableKernelModules`.
# Enable `networking.useDHCP` or set a static ip using the `ip=` kernel parameter.
# Generate another SSH host key for the machine:
# $ ssh-keygen -t ed25519 -N "" -f /etc/ssh/ssh_host_ed25519_key_initrd -C HOSTNAME-initrd
# Add the public key to your known_hosts and create an ssh config entry.
2024-01-29 16:23:56 +01:00
{ config, ... }:
2024-01-25 19:40:22 +01:00
{
2024-01-29 16:23:56 +01:00
boot.initrd = {
systemd = {
2024-01-25 19:40:22 +01:00
enable = true;
2024-01-29 16:23:56 +01:00
network = {
enable = true;
networks."10-wired-default" = config.systemd.network.networks."10-wired-default";
};
users.root.shell = "/bin/zfs load-key rpool/nixos";
2024-01-29 16:23:56 +01:00
};
network = {
enable = true;
ssh = {
enable = true;
port = 222;
hostKeys = [ "/etc/ssh/ssh_host_ed25519_key_initrd" ];
# authorizedKeys option inherits root's authorizedKeys.keys, but not keyFiles
};
2024-01-25 19:40:22 +01:00
};
};
}