Getting ssh public key during initial install?

I’m going to be installing NixOS in environments where pasting a long ssh public key is not possible (and certainly not manually typing it).

One workaround is:

  1. create a base system where I have a root user with a password
  2. enable ssh with root login allowed:

         services.openssh = {
           enable = true;
           passwordAuthentication = true;
           permitRootLogin = "yes";
         };

  3. ssh in from another machine and edit configuration.nix to
    a. add my ssh public key to my non-root user and
    b. lock down ssh again

         services.openssh = {
           enable = true;
           passwordAuthentication = false;
           permitRootLogin = "no";
         };

Is there a better way of handling this during installation itself? I would love to collapse this to one step.

One idea I had:

  1. publish a myusername.nix file on my website. This would have my user’s configuration including ssh public key
  2. during install, edit configuration.nix to install wget
  3. wget myusername.nix and then include it from configuration.nix

Is that feasible? Are there any simpler approaches?

curl is on the minimal iso so I can simplify my idea to:

  1. Publish a baseline.nix file on my website. This would have my baseline configuration including ssh public key.
  2. When I’m on the CLI in the nix installer I can run: curl https://path/to/my/baseline.nix --output /mnt/etc/nixos/baseline.nix
  3. Add ./baseline.nix to my imports in configuration.nix

I’m still interested in better solutions.
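
The baseline.nix described in the steps above could look like this (an added example, not part of the original posts; the user name alice and the key string are placeholders). It combines the locked-down ssh settings from the first post with the user's key, so the password-login step is never needed.

```nix
# baseline.nix (added example, not from the thread)
# Saved to /mnt/etc/nixos/baseline.nix during install and pulled in from
# configuration.nix with:
#   imports = [ ./hardware-configuration.nix ./baseline.nix ];
{ config, pkgs, ... }:

{
  # Key-only ssh from the first boot.
  # Option names are the ones used in this thread; newer NixOS releases
  # moved them to services.openssh.settings.PasswordAuthentication and
  # services.openssh.settings.PermitRootLogin.
  services.openssh = {
    enable = true;
    passwordAuthentication = false;
    permitRootLogin = "no";
  };

  # "alice" is a hypothetical user name.
  users.users.alice = {
    isNormalUser = true;
    extraGroups = [ "wheel" ];  # member of the sudo-capable group
    # No password is declared here, so the account only accepts the key
    # below until a password is set with passwd.
    openssh.authorizedKeys.keys = [
      # Placeholder: replace with the real public key line.
      "ssh-ed25519 AAAA...REPLACE_WITH_PUBLIC_KEY alice@example"
    ];
  };
}
```

The public key itself is not secret, but this file decides who can log in to the new machine, so fetch it over HTTPS and read it on the installer before running nixos-install.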

My “fix” (and I’m playing real fast and loose with the word here) is a script that is curl’d down to the machine in question and run which then writes out the minimal configuration required to boot and then runs the installer. nixops then takes care of everything after that.


might give you inspiration on how to do things the nix way.

Then again, it may not.