builders: fix provisioning of ssh hostkeys

Yureka 2024-08-05 08:18:13 +02:00
parent fe3cb577c1
commit 77ff556583


@ -4,8 +4,7 @@ let
in in
{ {
config = lib.mkIf (cfg.enable && cfg.netboot) { config = lib.mkIf (cfg.enable && cfg.netboot) {
systemd.services.sshd.after = [ "provision-ssh-hostkey.service" ];
systemd.services.openssh.after = [ "provision-ssh-hostkey.service" ];
systemd.services.provision-ssh-hostkey = { systemd.services.provision-ssh-hostkey = {
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
serviceConfig = { serviceConfig = {
@ -16,7 +15,7 @@ in
mkdir -p /etc/ssh mkdir -p /etc/ssh
umask 0077 umask 0077
until ${pkgs.iputils}/bin/ping -c 1 vpn-gw.wob01.infra.forkos.org; do sleep 1; done until ${pkgs.iputils}/bin/ping -c 1 vpn-gw.wob01.infra.forkos.org; do sleep 1; done
curl --local-port 25-1024 https://vpn-gw.wob01.infra.forkos.org/${config.networking.hostName}/ssh_host_ed25519_key > /etc/ssh/ssh_host_ed25519_key ${pkgs.curl}/bin/curl --local-port 25-1024 https://vpn-gw.wob01.infra.forkos.org/${config.networking.hostName}/ssh_host_ed25519_key > /etc/ssh/ssh_host_ed25519_key
# Run the activation script again to trigger agenix decryption # Run the activation script again to trigger agenix decryption
/run/current-system/activate /run/current-system/activate
''; '';
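Review bot: The new `${pkgs.curl}/bin/curl` line still redirects straight into `/etc/ssh/ssh_host_ed25519_key` without `--fail`, so an HTTP error page or a truncated transfer from the gateway is written as the host private key. The shell `>` redirect also truncates any existing key before the download has succeeded, and `/run/current-system/activate` then runs against whatever was written, so agenix decryption would fail on a bad key. I would download to a temporary file and move it into place only on success: `${pkgs.curl}/bin/curl --fail --local-port 25-1024 https://vpn-gw.wob01.infra.forkos.org/${config.networking.hostName}/ssh_host_ed25519_key -o /etc/ssh/ssh_host_ed25519_key.tmp && mv /etc/ssh/ssh_host_ed25519_key.tmp /etc/ssh/ssh_host_ed25519_key`. The script starts outside the hunk, so confirm whether it already runs with `set -e`; if it does not, the activation call should also be gated on the download succeeding.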