From 9010b50d8c1ecf5e5f126dda2daae90470dbf5e0 Mon Sep 17 00:00:00 2001
From: iFargle <albert@sysctl.io>
Date: Wed, 29 Nov 2023 19:37:23 +0900
Subject: [PATCH] Test

---
 nixos/hosts/framework-server/ssh-luks.nix | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/nixos/hosts/framework-server/ssh-luks.nix b/nixos/hosts/framework-server/ssh-luks.nix
index d13e5e23..56dc65cd 100644
--- a/nixos/hosts/framework-server/ssh-luks.nix
+++ b/nixos/hosts/framework-server/ssh-luks.nix
@@ -5,8 +5,19 @@
 
     # ssh setup
     boot.kernelParams = [ "ip=dhcp" ];
+
+# ssh setup
+boot.initrd.network.enable = true;
+boot.initrd.network.ssh = {
+  enable = true;
+  port = 22;
+  shell = "/bin/cryptsetup-askpass";
+  authorizedKeys = [ "ssh-rsa AAAAyourpublic-key-here...." ];
+  hostKeys = [ "/etc/secrets/initrd/ssh_host_rsa_key" "/etc/secrets/initrd/ssh_host_ed25519_key" ];
+};
+
     boot.initrd = {
-        secrets = { "/boot/ssh_host_rsa_key" = "/boot/ssh_host_rsa_key"; };
+        enable = true;
         systemd.users.root.shell = "/bin/cryptsetup-askpass";
         network.enable = true;
         availableKernelModules = [ "cdc_ncm" ];