feat(ooksphone): add ssh configuration to ooksphone
This commit is contained in:
parent
24abca0ffe
commit
7e351d9311
3 changed files with 39 additions and 1 deletions
|
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
imports = [
|
||||
./theme.nix
|
||||
# ./ssh.nix
|
||||
# ./openssh.nix
|
||||
];
|
||||
}
|
||||
|
|
|
|||
37
system/hosts/ooksphone/modules/openssh.nix
Normal file
37
system/hosts/ooksphone/modules/openssh.nix
Normal file
|
|
@ -0,0 +1,37 @@
|
|||
{ pkgs, config, ... }:
|
||||
|
||||
let
|
||||
sshdTmpDirectory = "${config.user.home}/sshd-tmp";
|
||||
sshdDirectory = "${config.user.home}/sshd";
|
||||
pathToPubKey = "...";
|
||||
port = 8022;
|
||||
in
|
||||
|
||||
{
|
||||
build.activation.sshd = ''
|
||||
$DRY_RUN_CMD mkdir $VERBOSE_ARG --parents "${config.user.home}/.ssh"
|
||||
$DRY_RUN_CMD cat ${pathToPubKey} > "${config.user.home}/.ssh/authorized_keys"
|
||||
|
||||
if [[ ! -d "${sshdDirectory}" ]]; then
|
||||
$DRY_RUN_CMD rm $VERBOSE_ARG --recursive --force "${sshdTmpDirectory}"
|
||||
$DRY_RUN_CMD mkdir $VERBOSE_ARG --parents "${sshdTmpDirectory}"
|
||||
|
||||
$VERBOSE_ECHO "Generating host keys..."
|
||||
$DRY_RUN_CMD ${pkgs.openssh}/bin/ssh-keygen -t rsa -b 4096 -f "${sshdTmpDirectory}/ssh_host_rsa_key" -N ""
|
||||
|
||||
$VERBOSE_ECHO "Writing sshd_config..."
|
||||
$DRY_RUN_CMD echo -e "HostKey ${sshdDirectory}/ssh_host_rsa_key\nPort ${toString port}\n" > "${sshdTmpDirectory}/sshd_config"
|
||||
|
||||
$DRY_RUN_CMD mv $VERBOSE_ARG "${sshdTmpDirectory}" "${sshdDirectory}"
|
||||
fi
|
||||
'';
|
||||
|
||||
environment.packages = [
|
||||
(pkgs.writeScriptBin "sshd-start" ''
|
||||
#!${pkgs.runtimeShell}
|
||||
|
||||
echo "Starting sshd in non-daemonized way on port ${toString port}"
|
||||
${pkgs.openssh}/bin/sshd -f "${sshdDirectory}/sshd_config" -D
|
||||
'')
|
||||
];
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue