additional options needed to build aws image

This commit is contained in:
Noah Masur 2022-09-20 12:50:04 +00:00
parent 9e3345ff9b
commit 720a3cc409
2 changed files with 22 additions and 7 deletions

View File

@ -1,22 +1,31 @@
{ nixpkgs, system, nixos-generators, home-manager, globals, ... }:
nixos-generators.nixoGenerate {
nixos-generators.nixosGenerate {
inherit system;
imports = [
globals
format = "amazon";
modules = [
home-manager.nixosModules.home-manager
{
user = globals.user;
fullName = globals.fullName;
dotfilesRepo = globals.dotfilesRepo;
gitName = globals.gitName;
gitEmail = globals.gitEmail;
networking.hostName = "sheep";
gui.enable = false;
colorscheme = (import ../../modules/colorscheme/gruvbox);
colorscheme = (import ../modules/colorscheme/gruvbox);
passwordHash =
"$6$PZYiMGmJIIHAepTM$Wx5EqTQ5GApzXx58nvi8azh16pdxrN6Qrv1wunDlzveOgawitWzcIxuj76X9V868fsPi/NOIEO8yVXqwzS9UF.";
publicKey =
"ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s";
# AWS settings require this
permitRootLogin = "prohibit-password";
}
../hosts/common.nix
../modules/nixos
../modules/services/sshd.nix
] ++ [
# Required to fix diskSize errors during build
({ ... }: { amazonImage.sizeMB = 16 * 1024; })
];
format = "aws";
}

View File

@ -5,6 +5,11 @@
type = lib.types.str;
description = "Public SSH key authorized for this system.";
};
permitRootLogin = lib.mkOption {
type = lib.types.str;
description = "Root login settings.";
default = "no";
};
};
config = {
@ -15,10 +20,11 @@
gatewayPorts = "no";
forwardX11 = false;
allowSFTP = true;
permitRootLogin = "no";
permitRootLogin = config.permitRootLogin;
};
users.users.${config.user}.authorizedKeys.keys = [ config.publicKey ];
users.users.${config.user}.openssh.authorizedKeys.keys =
[ config.publicKey ];
};
}