Support installing host keys in the installer
parent
f04b71047c
commit
2d522f51f5
|
@ -4,10 +4,14 @@
|
||||||
WARNING: Running this installer will format the target disk!
|
WARNING: Running this installer will format the target disk!
|
||||||
*/
|
*/
|
||||||
|
|
||||||
{ nixpkgs, ... }:
|
{ nixpkgs,
|
||||||
|
hostKeys ? {}
|
||||||
|
}:
|
||||||
machine:
|
machine:
|
||||||
|
|
||||||
let
|
let
|
||||||
|
inherit (builtins) concatStringsSep attrValues mapAttrs;
|
||||||
|
|
||||||
installer = { config, pkgs, lib, ... }:
|
installer = { config, pkgs, lib, ... }:
|
||||||
let
|
let
|
||||||
bootstrap = pkgs.writeShellApplication {
|
bootstrap = pkgs.writeShellApplication {
|
||||||
|
@ -15,8 +19,22 @@ let
|
||||||
runtimeInputs = with pkgs; [ nixos-install-tools ];
|
runtimeInputs = with pkgs; [ nixos-install-tools ];
|
||||||
text = ''
|
text = ''
|
||||||
${machine.config.system.build.diskoScript}
|
${machine.config.system.build.diskoScript}
|
||||||
nixos-install --no-root-password --no-channel-copy --system ${machine.config.system.build.toplevel} \
|
nixos-install --no-root-password --no-channel-copy --system ${machine.config.system.build.toplevel}
|
||||||
&& poweroff
|
${
|
||||||
|
concatStringsSep "\n" (
|
||||||
|
attrValues (
|
||||||
|
mapAttrs
|
||||||
|
(kind: keys: ''
|
||||||
|
cp ${keys.private} /mnt/etc/ssh/ssh_host_${kind}_key
|
||||||
|
chmod 600 /mnt/etc/ssh/ssh_host_${kind}_key
|
||||||
|
cp ${keys.public} /mnt/etc/ssh/ssh_host_${kind}_key.pub
|
||||||
|
chmod 644 /mnt/etc/ssh/ssh_host_${kind}_key.pub
|
||||||
|
'')
|
||||||
|
hostKeys
|
||||||
|
)
|
||||||
|
)
|
||||||
|
}
|
||||||
|
poweroff
|
||||||
'';
|
'';
|
||||||
};
|
};
|
||||||
in
|
in
|
||||||
|
|
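Review bot: The private host keys are interpolated into the bootstrap script as `${keys.private}`, so if callers pass Nix path values (which appears to be the intent) each private key is copied into the Nix store, where it is world-readable, and is carried inside the installer image itself. Anyone who can read the build machine's store or obtains the image could then impersonate the installed host over SSH, so this should at least be documented next to the `hostKeys ? {}` argument, e.g. `# NOTE: private keys passed here end up in the world-readable Nix store and in the installer image; treat the image as a secret`. Separately, `cp` followed by `chmod 600` briefly leaves the private key with umask-default permissions and assumes `/mnt/etc/ssh` already exists; `install -D -m 600 ${keys.private} /mnt/etc/ssh/ssh_host_${kind}_key` creates the directory and the file with its final mode in one step. The enclosing `let` block and function body continue outside the visible hunks.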