nix/nixos/hosts/framework-server/ssh-luks.nix

20 lines
1.2 KiB
Nix
Raw Normal View History

2023-11-25 07:35:20 +01:00
{ inputs, config, lib, pkgs, modulesPath, desktop, username, ... }: {
2023-11-25 07:17:29 +01:00
# https://nixos.wiki/wiki/Remote_LUKS_Unlocking
# Unlock command:
# ssh root@<Local_IP_Address> "Password"
# ssh setup
2023-11-26 12:40:33 +01:00
boot.kernelParams = [ "ip=dhcp" ];
2023-11-25 07:42:20 +01:00
boot.initrd = {
2023-11-26 13:28:17 +01:00
secrets = { "/boot/ssh_host_rsa_key" = "/boot/ssh_host_rsa_key"; };
2023-11-26 12:29:58 +01:00
availableKernelModules = [ "cdc_ncm" ];
2023-11-25 07:42:20 +01:00
systemd.users.root.shell = "/bin/cryptsetup-askpass";
network.enable = true;
network.ssh = {
enable = true;
port = 22;
2023-11-26 13:28:17 +01:00
authorizedKeys = [ "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDRglopgF7AZxQ/5utdVX+SsZV2Bg5La52mJcoS2EDliDg45NrEvkHTA8BXuGkZmDWj4nNgtfZv0glXEPSNN2tZPbn7OuHJB+jhA6qNMNh1t77EPgNVozhLigeFcC+tjyiNeww7GqaxlQcS3aDU6SdxPoBnZ2RMWYyYlXjEZtwWK8QrSWeuqGCaEPV/vfcBwUALS8m6kk6uLYnXkk6VcnXusuZMc6f9qbApRIXtVbP0MgzIrhk7L60UUg2ceMfuhHF4h9NwtJahpg0veIXSAxcGOY9JZaJdBIntsIj8qkG1UjGPRQjUEWQtVv1w6QS6wc08DhATOMdh4LwncVeLDceN3AqFAvR7ysoCQp0CN9ejNmvXY0oOb5f9l0TRHT9jSscD38EobIQzZ+P8fcwQeHav8ikMqzdpds3xfA5LlNZ1xTZqKxR2PXdzy7GYBhwT+T+EaHsw7MCT7dl/YKYlcAX3JejtUdDy62oClaEwg/izfzfjTq9xHGdudjW8kOIvup8= albert j. copeland@DESKTOP-1SJQ70F" ];
hostKeys = [ "/boot/ssh_host_rsa_key" ];
2023-11-25 07:42:20 +01:00
};
2023-11-25 07:17:29 +01:00
};
}