chore: use agenix, enable initrd networking

2023-02-12 03:40:24 +01:00 · 2023-02-12 03:40:24 +01:00 · b68021b3a4
commit b68021b3a4
parent 855bff0a6f
8 changed files with 79 additions and 83 deletions
--- a/modules/core/default.nix
+++ b/modules/core/default.nix
@ -46,7 +46,8 @@ in {
  };

  networking = {
-    useDHCP = lib.mkForce false;
+    # FIXME: would like to use mkForce false for useDHCP, but nixpkgs#215908 blocks that.
+    useDHCP = true;
    useNetworkd = true;
    wireguard.enable = true;
    dhcpcd.enable = false;
--- a/modules/core/ssh.nix
+++ b/modules/core/ssh.nix
@ -1,4 +1,17 @@
 {
+  config,
+  name,
+  ...
+}: {
+  rekey.secrets.initrd_host_ed25519_key.file = ../../hosts/${name}/initrd_host_ed25519_key.age;
+
+  boot.initrd.network.enable = true;
+  boot.initrd.network.ssh = {
+    enable = true;
+    port = 4;
+    hostKeys = [config.rekey.secrets.initrd_host_ed25519_key.path];
+  };
+
  services.sshd.enable = true;
  services.openssh = {
    enable = true;