emily/nixos-images
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge remote-tracking branch 'origin/main' into static_ips

Browse source
This commit is contained in:
Jörg Thalheim 2022-11-27 19:03:02 +00:00
commit 7d065a82c0
2 changed files with 14 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
README.md
View file

@ -32,9 +32,13 @@ curl -L https://github.com/nix-community/nixos-images/releases/download/nixos-un
```
The script copies existing sshd host keys and ssh keys from
`/root/.ssh/authorized_keys` and `/etc/ssh/authorized_keys.d/root` to the booted nixos machine. The actual kexec happens with a slight delay (6s).
This allows for easier integration into automated nixos installation scripts, since you can cleanly disconnect from the running machine before the kexec takes place.
The tarball is also designed to be run from NixOS, which can be useful for new installations
`/root/.ssh/authorized_keys`, `/root/.ssh/authorized_keys2` and
`/etc/ssh/authorized_keys.d/root` to the booted nixos machine.
The actual kexec happens with a slight delay (6s). This allows for easier
integration into automated nixos installation scripts, since you can cleanly
disconnect from the running machine before the kexec takes place. The tarball
is also designed to be run from NixOS, which can be useful for new installations
We also have [kexec-bundle](https://github.com/nix-community/nixos-images/releases/download/nixos-unstable/kexec-bundle-x86_64-linux),
which is a self-extracting archive from [nixos-generators](https://github.com/nix-community/nixos-generators). This version unpacks itself to `/` and possibly overlays the existing `/nix/store` with its own files.

11
nix/kexec-installer/module.nix
View file

@ -23,10 +23,13 @@ in {
pwd
mkdir -p initrd/ssh
pushd initrd
if [ -e /root/.ssh/authorized_keys ]; then
# workaround for debian shenanigans
grep -o '\(ssh-[^ ]* .*\)' /root/.ssh/authorized_keys >> ssh/authorized_keys
fi
for key in /root/.ssh/authorized_keys /root/.ssh/authorized_keys2; do
if [ -e "$key" ]; then
# workaround for debian shenanigans
grep -o '\(ssh-[^ ]* .*\)' "$key" >> ssh/authorized_keys
fi
done
# Typically for NixOS
if [ -e /etc/ssh/authorized_keys.d/root ]; then
cat /etc/ssh/authorized_keys.d/root >> ssh/authorized_keys
fi