nixpkgs/pkgs/installer/nixops-virtualbox/machine-configuration-nixops.nix

   1 { config, ... }:
   2
   3 let
   4
   5   clientKeyPath = "/root/.vbox-nixops-client-key";
   6
   7 in {
   8
   9   imports = [ <nixpkgs/nixos/modules/virtualisation/virtualbox-image.nix> ];
  10
  11   services.openssh.enable = true;
  12
  13   systemd.services.get-vbox-nixops-client-key = {
  14     description = "Get NixOps SSH Key";
  15     wantedBy = [ "multi-user.target" ];
  16     before = [ "sshd.service" ];
  17     requires = [ "dev-vboxguest.device" ];
  18     after = [ "dev-vboxguest.device" ];
  19     path = [ config.boot.kernelPackages.virtualboxGuestAdditions ];
  20     script = ''
  21       set -o pipefail
  22       VBoxControl -nologo guestproperty get /VirtualBox/GuestInfo/Charon/ClientPublicKey | sed 's/Value: //' > ${clientKeyPath}.tmp
  23       mv ${clientKeyPath}.tmp ${clientKeyPath}
  24
  25       if [[ ! -f /etc/ssh/ssh_host_ed25519_key ]]; then
  26         VBoxControl -nologo guestproperty get /VirtualBox/GuestInfo/NixOps/PrivateHostEd25519Key | sed 's/Value: //' > /etc/ssh/ssh_host_ed25519_key.tmp
  27         mv /etc/ssh/ssh_host_ed25519_key.tmp /etc/ssh/ssh_host_ed25519_key
  28         chmod 0600 /etc/ssh/ssh_host_ed25519_key
  29       fi
  30     '';
  31   };
  32
  33   services.openssh.authorizedKeysFiles = [ ".vbox-nixops-client-key" ];
  34
  35   boot.vesa = false;
  36
  37   boot.loader.timeout = 1;
  38
  39   # VirtualBox doesn't seem to lease IP addresses persistently, so we
  40   # may get a different IP address if dhcpcd is restarted.  So don't
  41   # restart dhcpcd.
  42   systemd.services.dhcpcd.restartIfChanged = false;
  43
  44   # Useless there and CPU intensive.
  45   documentation.nixos.enable = false;
  46 }