also copy key from sudo user to new image

2023-01-24 14:33:09 +01:00 · 2023-01-24 14:33:09 +01:00 · 29f72fead3
commit 29f72fead3
parent 777c1423b1
1 changed files with 18 additions and 6 deletions
--- a/nix/kexec-installer/module.nix
+++ b/nix/kexec-installer/module.nix
@ -26,16 +26,28 @@ in {
    pwd
    mkdir -p initrd/ssh
    pushd initrd
-    for key in /root/.ssh/authorized_keys /root/.ssh/authorized_keys2; do
-      if [ -e "$key" ]; then
-        # workaround for debian shenanigans
-        grep -o '\(ssh-[^ ]* .*\)' "$key" >> ssh/authorized_keys
-      fi
+    homes=(/root)
+
+    if [[ -n "''${SUDO_USER-}" ]]; then
+      sudo_home=$(bash -c "cd ~$(printf %q "$SUDO_USER") && pwd")
+      homes+=("$sudo_home")
+    fi
+    for home in "''${homes[@]}"; do
+      for file in .ssh/authorized_keys .ssh/authorized_keys2; do
+        key="$home/$file"
+        if [[ -e "$key" ]]; then
+          # workaround for debian shenanigans
+          grep -o '\(ssh-[^ ]* .*\)' "$key" >> ssh/authorized_keys
+        fi
+      done
    done
    # Typically for NixOS
-    if [ -e /etc/ssh/authorized_keys.d/root ]; then
+    if [[ -e /etc/ssh/authorized_keys.d/root ]]; then
      cat /etc/ssh/authorized_keys.d/root >> ssh/authorized_keys
    fi
+    if [[ -n "''${SUDO_USER-}" ]] && [[ -e "/etc/ssh/authorized_keys.d/$SUDO_USER" ]]; then
+      cat "/etc/ssh/authorized_keys.d/$SUDO_USER" >> ssh/authorized_keys
+    fi
    for p in /etc/ssh/ssh_host_*; do
      cp -a "$p" ssh
    done