Add optional ssh server to initrd

2021-01-07 13:39:25 +01:00 · 2021-01-07 13:39:25 +01:00 · a44f1fd1ac
parent f1620679d4
commit a44f1fd1ac
2 changed files with 20 additions and 0 deletions
--- a/modules/default.nix
+++ b/modules/default.nix
@ -16,6 +16,7 @@
    ./gpu
    ./grub.nix
    ./gui.nix
+    ./initrd-ssh.nix
    ./libvirt.nix
    ./locales.nix
    ./media-proxy.nix
--- a/modules/initrd-ssh.nix
+++ b/modules/initrd-ssh.nix
@ -0,0 +1,19 @@
+# For network to work in initrd, either pass the `ip=` kernel parameter or
+# enable networking.useDHCP. You also have to add the required kernel modules
+# for the network card to boot.initrd.availableKernelModules. Also see the
+# instructions on how to add a host key to password-store.
+{ config, lib, ... }:
+{
+  boot.initrd.network = {
+    #enable = true;
+    ssh = {
+      enable = lib.mkDefault config.boot.initrd.network.enable;
+      port = 2222;
+      # ssh-keygen -t ed25519 -N "" -f initrd-ssh-host-key -C HOSTNAME
+      # pass insert -m nixos/machines/HOSTNAME/initrd-ssh-host-key < initrd-ssh-host-key
+      hostKeys = [
+        (toString <secrets/initrd-ssh-host-key>)
+      ];
+    };
+  };
+}