27 lines
783 B
Nix
27 lines
783 B
Nix
sshKeys: ({ config, pkgs, ... }: {
|
|
boot.kernelParams = [ "ip=dhcp" ];
|
|
boot = {
|
|
initrd = {
|
|
availableKernelModules = [ "r8169" ];
|
|
network = {
|
|
enable = true;
|
|
udhcpc = {
|
|
enable = true;
|
|
extraArgs = [ "--background" "--retries" "1" ];
|
|
};
|
|
flushBeforeStage2 = true;
|
|
ssh = {
|
|
enable = true;
|
|
port = 22;
|
|
authorizedKeys = sshKeys;
|
|
hostKeys = [ "/etc/ssh/ssh_host_ed25519_key" ];
|
|
# shell = "/bin/cryptsetup-askpass";
|
|
};
|
|
postCommands = ''
|
|
# Automatically ask for the password on SSH login
|
|
echo 'cryptsetup-askpass || echo "Unlock was successful; exiting SSH session" && exit 1' >> /root/.profile
|
|
'';
|
|
};
|
|
};
|
|
};
|
|
})
|