initrd-ssh: Improve module documentation

This commit is contained in:
Simon Bruder 2023-02-15 11:35:59 +01:00
parent c3d7de1d49
commit 42a22e89b7
Signed by: simon
GPG key ID: 8D3C82F9F309F8EC

View file

@ -1,7 +1,23 @@
# For network to work in initrd, either pass the `ip=` kernel parameter or # To enable this on a host, you have to do the following:
# enable networking.useDHCP. You also have to add the required kernel modules # For network to work in initrd,
# for the network card to boot.initrd.availableKernelModules. Also see the # either pass the `ip=` kernel parameter or enable networking.useDHCP.
# instructions on how to add a host key to password-store. # You also have to add the required kernel modules for the network adapter to `boot.initrd.availableKernelModules`
# (if it is not loaded by default).
# Then, you can set `boot.initrd.network.enable=true`,
# which enables networking in initrd.
# SSH in the initrd is enabled by this module automatically once networking is enabled.
# To be able to log in,
# you have to generate an SSH host key for the system (see the comments in the module on how to)
# and copy it to that host.
# It is then recommended to add a new `<host>-initrd`-entry to `modules/ssh.nix`
# to ensure the key is known and trusted by default on all other hosts.
# The host also needs a valid entry in `machines/default.nix`
# with `targetHost` set.
# If necessary, also set `unlockOverV4`,
# which forces the SSH connection to use IPv4
# (useful if the network of the host does not do SLAAC).
# If all that is done,
# remote unlocking should be possible by running `nix run .#unlock/host`
{ config, lib, ... }: { config, lib, ... }:
{ {
boot.initrd.network = { boot.initrd.network = {