kiara/Fediversity
1
0
Fork 0
forked from Fediversity/Fediversity
Code Pull requests Activity

Do not inject pre-made keys

Browse source
This commit is contained in:
Nicolas Jeannerod 2025-02-21 19:07:45 +01:00
parent f0224b06c7
commit 46d20a76bc
Signed by untrusted user: Niols
GPG key ID: 35DB9EC8886E1CB8
1 changed files with 3 additions and 6 deletions

9
infra/proxmox-provision.sh
View file

@ -185,18 +185,15 @@ build_iso () {
acquire_lock build acquire_lock build
printf 'Building ISO for VM %s...\n' "$2" printf 'Building ISO for VM %s...\n' "$2"
## FIXME: Support injecting host keys for test VMs (but not for production
## VMs as that would be unsafe).
nix build \ nix build \
--impure --expr " --impure --expr "
let flake = builtins.getFlake (builtins.toString ./.); in let flake = builtins.getFlake (builtins.toString ./.); in
flake.lib.makeInstallerIso { flake.lib.makeInstallerIso {
nixosConfiguration = flake.nixosConfigurations.$2; nixosConfiguration = flake.nixosConfigurations.$2;
nixpkgs = flake.inputs.nixpkgs; nixpkgs = flake.inputs.nixpkgs;
hostKeys = {
ed25519 = {
private = ./deployment/hostKeys/$2/ssh_host_ed25519_key;
public = ./deployment/hostKeys/$2/ssh_host_ed25519_key.pub;
};
};
} }
" \ " \
--log-format raw --quiet \ --log-format raw --quiet \