feat: enable initrd ssh for malak

wimpysworld · Oct 15, 2024 · cd0d435 · cd0d435
1 parent 60e92fb
commit cd0d435
Show file tree

Hide file tree

Showing 3 changed files with 33 additions and 11 deletions.
diff --git a/README.md b/README.md
@@ -260,6 +260,7 @@ Things I currently need to do manually after installation.
   - `incus admin init --minimal`
   - `create-defender`
   - `create-fighter`
+  - On `malak` create initrd keys: `sudo ssh-keygen -t ed25519 -C "" -N "" -f /etc/ssh/initrd_ssh_host_ed25519_key`
 - [ ] On macOS run
   - `install-homebrew`
 

diff --git a/nixos/_mixins/features/network/malak.nix b/nixos/_mixins/features/network/malak.nix
@@ -1,7 +1,5 @@
 { lib, ... }:
 {
-  # enp0s31f6
-  #Broadcast: 116.202.241.255
   networking = {
     defaultGateway = "116.202.241.193";
     defaultGateway6 = { address = "fe80::1"; interface = "eth0"; };
@@ -17,6 +15,13 @@
         prefixLength = 64;
       }
     ];
+    #https://docs.hetzner.com/dns-console/dns/general/recursive-name-servers
+    nameservers = lib.mkDefault [
+      "185.12.64.1"
+      "185.12.64.2"
+      "2a01:4ff:ff00::add:1"
+      "2a01:4ff:ff00::add:2"
+    ];
     useDHCP = lib.mkForce false;
     usePredictableInterfaceNames = false;
   };

diff --git a/nixos/malak/default.nix b/nixos/malak/default.nix
@@ -24,20 +24,36 @@
   ];
 
   boot = {
-    initrd.availableKernelModules = [
-      "ahci"
-      "nvme"
-      "sd_mod"
-      "xhci_pci"
-    ];
+    initrd = {
+      availableKernelModules = [
+        "ahci"
+        "nvme"
+        "sd_mod"
+        "xhci_pci"
+        "e1000e"
+      ];
+      network = {
+        enable = true;
+        ssh = {
+          enable = true;
+          hostKeys = [ "/etc/ssh/initrd_ssh_host_ed25519_key" ];
+          ignoreEmptyHostKeys = true;
+          port = 2222;
+        };
+      };
+    };
     kernelModules = [
       "kvm-intel"
     ];
+    # Make sure the initrd has the necessary IPv4 configuration
+    # - ip=ip-addr:<ignore>:gw-addr:netmask:hostname:interface:autoconf:dns1-addr:dns2-addr
+    # - https://www.kernel.org/doc/Documentation/filesystems/nfs/nfsroot.txt
+    kernelParams = [
+      "ip=116.202.241.253::116.202.241.193:255.255.255.192:${hostname}-initrd:eth0:off:185.12.64.1:185.12.64.2"
+    ];
     # Using GRUB because malak has no EFI boot available
     loader = {
-      grub = {
-        enable = true;
-      };
+      grub.enable = true;
       systemd-boot.enable = lib.mkForce false;
     };
     swraid = {