Merge remote-tracking branch 'origin/main' into static_ips

This commit is contained in:
Jörg Thalheim 2022-11-27 19:03:02 +00:00
commit 7d065a82c0
2 changed files with 14 additions and 7 deletions

View file

@ -32,9 +32,13 @@ curl -L https://github.com/nix-community/nixos-images/releases/download/nixos-un
``` ```
The script copies existing sshd host keys and ssh keys from The script copies existing sshd host keys and ssh keys from
`/root/.ssh/authorized_keys` and `/etc/ssh/authorized_keys.d/root` to the booted nixos machine. The actual kexec happens with a slight delay (6s). `/root/.ssh/authorized_keys`, `/root/.ssh/authorized_keys2` and
This allows for easier integration into automated nixos installation scripts, since you can cleanly disconnect from the running machine before the kexec takes place. `/etc/ssh/authorized_keys.d/root` to the booted nixos machine.
The tarball is also designed to be run from NixOS, which can be useful for new installations
The actual kexec happens with a slight delay (6s). This allows for easier
integration into automated nixos installation scripts, since you can cleanly
disconnect from the running machine before the kexec takes place. The tarball
is also designed to be run from NixOS, which can be useful for new installations
We also have [kexec-bundle](https://github.com/nix-community/nixos-images/releases/download/nixos-unstable/kexec-bundle-x86_64-linux), We also have [kexec-bundle](https://github.com/nix-community/nixos-images/releases/download/nixos-unstable/kexec-bundle-x86_64-linux),
which is a self-extracting archive from [nixos-generators](https://github.com/nix-community/nixos-generators). This version unpacks itself to `/` and possibly overlays the existing `/nix/store` with its own files. which is a self-extracting archive from [nixos-generators](https://github.com/nix-community/nixos-generators). This version unpacks itself to `/` and possibly overlays the existing `/nix/store` with its own files.

View file

@ -23,10 +23,13 @@ in {
pwd pwd
mkdir -p initrd/ssh mkdir -p initrd/ssh
pushd initrd pushd initrd
if [ -e /root/.ssh/authorized_keys ]; then for key in /root/.ssh/authorized_keys /root/.ssh/authorized_keys2; do
if [ -e "$key" ]; then
# workaround for debian shenanigans # workaround for debian shenanigans
grep -o '\(ssh-[^ ]* .*\)' /root/.ssh/authorized_keys >> ssh/authorized_keys grep -o '\(ssh-[^ ]* .*\)' "$key" >> ssh/authorized_keys
fi fi
done
# Typically for NixOS
if [ -e /etc/ssh/authorized_keys.d/root ]; then if [ -e /etc/ssh/authorized_keys.d/root ]; then
cat /etc/ssh/authorized_keys.d/root >> ssh/authorized_keys cat /etc/ssh/authorized_keys.d/root >> ssh/authorized_keys
fi fi