| 123456789101112131415161718192021222324252627282930313233 |
- #!/usr/bin/env bash
- # Create a temporary directory
- temp=$(mktemp -d)
- # Function to cleanup temporary directory on exit
- cleanup() {
- rm -rf "$temp"
- }
- trap cleanup EXIT
- # Create the directory where sshd expects to find the host keys
- install -d -m755 "$temp/persist/etc/ssh"
- install -d -m755 "$temp/etc/ssh"
- # Decrypt your private key from the password store and copy it to the temporary directory
- cat ./ssh_host_ed25519_key.txt > "$temp/persist/etc/ssh/ssh_host_ed25519_key"
- cat ./ssh_host_rsa_key.txt > "$temp/persist/etc/ssh/ssh_host_rsa_key"
- cat ./ssh_host_ed25519_key.txt > "$temp/etc/ssh/ssh_host_ed25519_key"
- cat ./ssh_host_rsa_key.txt > "$temp/etc/ssh/ssh_host_rsa_key"
- # Set the correct permissions so sshd will accept the key
- chmod 600 "$temp/persist/etc/ssh/ssh_host_ed25519_key"
- chmod 600 "$temp/persist/etc/ssh/ssh_host_rsa_key"
- chmod 600 "$temp/etc/ssh/ssh_host_ed25519_key"
- chmod 600 "$temp/etc/ssh/ssh_host_rsa_key"
- # Install NixOS to the host system with our secrets
- nix run github:nix-community/nixos-anywhere -- \
- --disko-mode mount \
- --extra-files "$temp" \
- --flake .#odin \
- --target-host [email protected]
|
