nixpkgs/pkgs/installer/nixops-virtualbox/machine-configuration-nixops.nix

   1 { config, ... }:
   2
   3 let
   4
   5   clientKeyPath = "/root/.vbox-nixops-client-key";
   6
   7 in
   8 {
   9
  10   imports = [ <nixpkgs/nixos/modules/virtualisation/virtualbox-image.nix> ];
  11
  12   services.openssh.enable = true;
  13
  14   systemd.services.get-vbox-nixops-client-key = {
  15     description = "Get NixOps SSH Key";
  16     wantedBy = [ "multi-user.target" ];
  17     before = [ "sshd.service" ];
  18     requires = [ "dev-vboxguest.device" ];
  19     after = [ "dev-vboxguest.device" ];
  20     path = [ config.boot.kernelPackages.virtualboxGuestAdditions ];
  21     script = ''
  22       set -o pipefail
  23       VBoxControl -nologo guestproperty get /VirtualBox/GuestInfo/Charon/ClientPublicKey | sed 's/Value: //' > ${clientKeyPath}.tmp
  24       mv ${clientKeyPath}.tmp ${clientKeyPath}
  25
  26       if [[ ! -f /etc/ssh/ssh_host_ed25519_key ]]; then
  27         VBoxControl -nologo guestproperty get /VirtualBox/GuestInfo/NixOps/PrivateHostEd25519Key | sed 's/Value: //' > /etc/ssh/ssh_host_ed25519_key.tmp
  28         mv /etc/ssh/ssh_host_ed25519_key.tmp /etc/ssh/ssh_host_ed25519_key
  29         chmod 0600 /etc/ssh/ssh_host_ed25519_key
  30       fi
  31     '';
  32   };
  33
  34   services.openssh.authorizedKeysFiles = [ ".vbox-nixops-client-key" ];
  35
  36   boot.vesa = false;
  37
  38   boot.loader.timeout = 1;
  39
  40   # VirtualBox doesn't seem to lease IP addresses persistently, so we
  41   # may get a different IP address if dhcpcd is restarted.  So don't
  42   # restart dhcpcd.
  43   systemd.services.dhcpcd.restartIfChanged = false;
  44
  45   # Useless there and CPU intensive.
  46   documentation.nixos.enable = false;
  47 }