diff options
author | lassulus <lassulus@lassul.us> | 2019-04-17 18:12:47 +0200 |
---|---|---|
committer | lassulus <lassulus@lassul.us> | 2019-04-17 18:12:47 +0200 |
commit | ff86e4a137ff28b0a3ef2279d7397aa81cea1c03 (patch) | |
tree | 7b7aad4d7e52cda9a99e9a284d773ef1b75b1916 | |
parent | 631bc1c48068a3649762074178f85e3024bd1736 (diff) |
l shodan.r & icarus.r: decrypt via ssh
-rw-r--r-- | lass/1systems/icarus/config.nix | 1 | ||||
-rw-r--r-- | lass/1systems/shodan/config.nix | 1 | ||||
-rw-r--r-- | lass/2configs/ssh-cryptsetup.nix | 17 |
3 files changed, 19 insertions, 0 deletions
diff --git a/lass/1systems/icarus/config.nix b/lass/1systems/icarus/config.nix index 06b1e7366..d8c8699ae 100644 --- a/lass/1systems/icarus/config.nix +++ b/lass/1systems/icarus/config.nix @@ -20,6 +20,7 @@ <stockholm/lass/2configs/syncthing.nix> <stockholm/lass/2configs/nfs-dl.nix> <stockholm/lass/2configs/prism-share.nix> + <stockholm/lass/2configs/ssh-cryptsetup.nix> ]; krebs.build.host = config.krebs.hosts.icarus; diff --git a/lass/1systems/shodan/config.nix b/lass/1systems/shodan/config.nix index 7236d5e9f..5de87d790 100644 --- a/lass/1systems/shodan/config.nix +++ b/lass/1systems/shodan/config.nix @@ -16,6 +16,7 @@ with import <stockholm/lib>; <stockholm/lass/2configs/backup.nix> <stockholm/lass/2configs/blue-host.nix> <stockholm/lass/2configs/green-host.nix> + <stockholm/lass/2configs/ssh-cryptsetup.nix> ]; krebs.build.host = config.krebs.hosts.shodan; diff --git a/lass/2configs/ssh-cryptsetup.nix b/lass/2configs/ssh-cryptsetup.nix new file mode 100644 index 000000000..c5e1c5928 --- /dev/null +++ b/lass/2configs/ssh-cryptsetup.nix @@ -0,0 +1,17 @@ +{ config, ... }: +{ + boot.initrd = { + network = { + enable = true; + ssh = { + enable = true; + authorizedKeys = with config.krebs.users; [ + config.krebs.users.lass-mors.pubkey + config.krebs.users.lass-blue.pubkey + config.krebs.users.lass-shodan.pubkey + config.krebs.users.lass-icarus.pubkey + ]; + }; + }; + }; +} |