Absolute path in config.nix

KerrnelPanic · September 1, 2020, 4:02pm

Hello,
I’d like to have a sshd to enter my password for fs decryption.
I’m trying to do something like:

{ config, pkgs, ... }:

{ boot.initrd = {
	availableKernelModules = [ "aNetModule" ];
	network.enable = true;
	network.ssh = {
		enable = true;
		port = 22;
		authorizedKeys = [ "ssh-rsa AAAAB... aUser@nixos" ];
		hostECDSAKey = /boot/dropbear_ecdsa;
	};
	network.postCommands = '' echo 'cryptsetup-askpass'>>/root/.profile '';
  };
}

This is derived from

and works fine when added to a running system.
It works for installing a fresh system when nix-install finds a copy of /mnt/boot/dropbear_ecdsa in /boot/dropbear_ecdsa.
When I boot to the fresh install, dropbear_ecdsa isn’t present in /mnt/boot/dropbear_ecdsa nor in /boot/dropbear_ecdsa, i.e. I can’t do a nixos-rebuild without further ado.
I would like to setup this sshd while installing without having to quirk with the keyfile, but I don’t know how.
Maybe this question is even more general:
How to cope with absolute paths in config.nix when installing?

Edit: I’m testing this on a vbox at the moment.

KerrnelPanic · September 15, 2020, 6:05am

Update:
I no longer have problems after installing, i.e. all files are in place as they are supposed to and

nixos-rebuild switch

works as intended. I don’t know what changed to make things work now.
I still have to copy the key during the installation process to a rather pointless

/boot/dropbear_ecdsa

So this has evolved from a problem to an inconvenience
In more complicated setups that rely on several absolute paths, this could still become messy I think.