additional options needed to build aws image

2024-11-09 23:22:57 +00:00 · 2022-09-20 12:50:04 +00:00 · 2022-09-20 12:50:04 +00:00 · 720a3cc409
commit 720a3cc409
parent 9e3345ff9b
2 changed files with 22 additions and 7 deletions
--- a/generators/aws.nix
+++ b/generators/aws.nix
@ -1,22 +1,31 @@
 { nixpkgs, system, nixos-generators, home-manager, globals, ... }:

-nixos-generators.nixoGenerate {
+nixos-generators.nixosGenerate {
  inherit system;
-  imports = [
-    globals
+  format = "amazon";
+  modules = [
    home-manager.nixosModules.home-manager
    {
+      user = globals.user;
+      fullName = globals.fullName;
+      dotfilesRepo = globals.dotfilesRepo;
+      gitName = globals.gitName;
+      gitEmail = globals.gitEmail;
      networking.hostName = "sheep";
      gui.enable = false;
-      colorscheme = (import ../../modules/colorscheme/gruvbox);
+      colorscheme = (import ../modules/colorscheme/gruvbox);
      passwordHash =
        "$6$PZYiMGmJIIHAepTM$Wx5EqTQ5GApzXx58nvi8azh16pdxrN6Qrv1wunDlzveOgawitWzcIxuj76X9V868fsPi/NOIEO8yVXqwzS9UF.";
      publicKey =
        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIB+AbmjGEwITk5CK9y7+Rg27Fokgj9QEjgc9wST6MA3s";
+      # AWS settings require this
+      permitRootLogin = "prohibit-password";
    }
    ../hosts/common.nix
    ../modules/nixos
    ../modules/services/sshd.nix
+  ] ++ [
+    # Required to fix diskSize errors during build
+    ({ ... }: { amazonImage.sizeMB = 16 * 1024; })
  ];
-  format = "aws";
 }
--- a/modules/services/sshd.nix
+++ b/modules/services/sshd.nix
@ -5,6 +5,11 @@
      type = lib.types.str;
      description = "Public SSH key authorized for this system.";
    };
+    permitRootLogin = lib.mkOption {
+      type = lib.types.str;
+      description = "Root login settings.";
+      default = "no";
+    };
  };

  config = {
@ -15,10 +20,11 @@
      gatewayPorts = "no";
      forwardX11 = false;
      allowSFTP = true;
-      permitRootLogin = "no";
+      permitRootLogin = config.permitRootLogin;
    };

-    users.users.${config.user}.authorizedKeys.keys = [ config.publicKey ];
+    users.users.${config.user}.openssh.authorizedKeys.keys =
+      [ config.publicKey ];
  };

 }