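# NixOS module for a VirtualBox guest image: enables sshd and, before sshd
# starts, pulls SSH key material out of VirtualBox guest properties.
{ config, ... }:

let

  # File that receives the SSH client public key read from the guest
  # property. Its basename is also listed in
  # services.openssh.authorizedKeysFiles below.
  clientKeyPath = "/root/.vbox-nixops-client-key";

in
{

  imports = [ <nixpkgs/nixos/modules/virtualisation/virtualbox-image.nix> ];

  services.openssh.enable = true;

  # One-shot style unit ordered before sshd.service. It needs the vboxguest
  # device because VBoxControl talks to the hypervisor through it.
  systemd.services.get-vbox-nixops-client-key = {
    description = "Get NixOps SSH Key";
    wantedBy = [ "multi-user.target" ];
    before = [ "sshd.service" ];
    requires = [ "dev-vboxguest.device" ];
    after = [ "dev-vboxguest.device" ];
    path = [ config.boot.kernelPackages.virtualboxGuestAdditions ];
    # The script does two things:
    #   1. always refreshes the authorized client public key;
    #   2. installs the ed25519 host private key, but only if none exists yet.
    # Both values are written to a .tmp file and renamed into place, so a
    # partially written file is never visible under the final name.
    #
    # NOTE(review): the host private key travels through a guest property.
    # Who else can read that property (users on the host, other processes in
    # the guest) is not visible from this file; confirm before relying on the
    # host key as a secret.
    # NOTE(review): whatever VBoxControl prints is installed unvalidated; if
    # the property is unset the resulting file may not be a key at all.
    # Consider checking the content before the mv.
    script = ''
      set -o pipefail
      VBoxControl -nologo guestproperty get /VirtualBox/GuestInfo/Charon/ClientPublicKey | sed 's/Value: //' > ${clientKeyPath}.tmp
      mv ${clientKeyPath}.tmp ${clientKeyPath}

      if [[ ! -f /etc/ssh/ssh_host_ed25519_key ]]; then
        # Restrict permissions before the private key touches the disk.
        # Relying only on the chmod at the end leaves the .tmp file (and the
        # renamed key) readable under the default umask for a short window.
        umask 077
        VBoxControl -nologo guestproperty get /VirtualBox/GuestInfo/NixOps/PrivateHostEd25519Key | sed 's/Value: //' > /etc/ssh/ssh_host_ed25519_key.tmp
        mv /etc/ssh/ssh_host_ed25519_key.tmp /etc/ssh/ssh_host_ed25519_key
        chmod 0600 /etc/ssh/ssh_host_ed25519_key
      fi
    '';
  };

  # A relative entry here is looked up in each user's home directory, so for
  # root it names the file written by the unit above.
  services.openssh.authorizedKeysFiles = [ ".vbox-nixops-client-key" ];

  boot.vesa = false;

  boot.loader.timeout = 1;

  # VirtualBox doesn't seem to lease IP addresses persistently, so we
  # may get a different IP address if dhcpcd is restarted. So don't
  # restart dhcpcd.
  systemd.services.dhcpcd.restartIfChanged = false;

  # Useless there and CPU intensive.
  documentation.nixos.enable = false;
}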