forked from Deuxfleurs/nixcfg
26 lines
982 B
Nix
26 lines
982 B
Nix
{ config, pkgs, ... }:
|
|
|
|
with builtins;
|
|
with pkgs.lib;
|
|
{
|
|
config = {
|
|
boot.initrd.availableKernelModules = [ "pps_core" "ptp" "e1000e" ];
|
|
boot.initrd.network.enable = true;
|
|
boot.initrd.network.ssh = {
|
|
enable = true;
|
|
port = 222;
|
|
authorizedKeys = concatLists (mapAttrsToList (name: user: user) config.deuxfleurs.admin_accounts);
|
|
hostKeys = [ "/var/lib/deuxfleurs/remote-unlock/ssh_host_ed25519_key" ];
|
|
};
|
|
boot.initrd.network.postCommands = ''
|
|
ip addr add ${config.deuxfleurs.lan_ip}/${toString config.deuxfleurs.lan_ip_prefix_length} dev ${config.deuxfleurs.network_interface}
|
|
ip link set dev ${config.deuxfleurs.network_interface} up
|
|
ip route add default via ${config.deuxfleurs.lan_default_gateway} dev ${config.deuxfleurs.network_interface}
|
|
ip a
|
|
ip route
|
|
ping -c 4 ${config.deuxfleurs.lan_default_gateway}
|
|
echo 'echo run cryptsetup-askpass to unlock drives' >> /root/.profile
|
|
'';
|
|
};
|
|
}
|
|
|