Basic sshd module #156

Closed
Gerschtli opened this issue Dec 14, 2021 · 4 comments
@Gerschtli
Collaborator

I was tired of always copy-pasting the instructions from the Wiki to set up sshd, so I built this little config:

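```nix
{ config, pkgs, ... }:

let
  sshdTmpDirectory = "${config.user.home}/sshd-tmp";
  sshdDirectory = "${config.user.home}/sshd";
  pathToPubKey = "...";
  port = 8022;

  # Built in the Nix store so the activation script needs no shell redirection.
  sshdConfig = pkgs.writeText "sshd_config" ''
    HostKey ${sshdDirectory}/ssh_host_rsa_key
    Port ${toString port}
  '';
in
{
  build.activation.sshd = ''
    # install instead of "cat >": a redirection is performed by the shell even
    # when $DRY_RUN_CMD is set, which would overwrite authorized_keys on a dry run.
    $DRY_RUN_CMD mkdir $VERBOSE_ARG --parents "${config.user.home}/.ssh"
    $DRY_RUN_CMD install $VERBOSE_ARG -m 600 ${pathToPubKey} "${config.user.home}/.ssh/authorized_keys"

    # One-time setup: build everything in a temp directory and move it into
    # place at the end, so a failed run never leaves a half-written sshd directory.
    if [[ ! -d "${sshdDirectory}" ]]; then
      $DRY_RUN_CMD rm $VERBOSE_ARG --recursive --force "${sshdTmpDirectory}"
      $DRY_RUN_CMD mkdir $VERBOSE_ARG --parents "${sshdTmpDirectory}"

      $VERBOSE_ECHO "Generating host keys..."
      $DRY_RUN_CMD ${pkgs.openssh}/bin/ssh-keygen -t rsa -b 4096 -f "${sshdTmpDirectory}/ssh_host_rsa_key" -N ""

      $VERBOSE_ECHO "Writing sshd_config..."
      $DRY_RUN_CMD install $VERBOSE_ARG -m 644 ${sshdConfig} "${sshdTmpDirectory}/sshd_config"

      $DRY_RUN_CMD mv $VERBOSE_ARG "${sshdTmpDirectory}" "${sshdDirectory}"
    fi
  '';

  # Helper that runs sshd in the foreground; nothing is started on activation.
  environment.packages = [
    (pkgs.writeScriptBin "sshd-start" ''
      #!${pkgs.runtimeShell}

      echo "Starting sshd in non-daemonized way on port ${toString port}"
      ${pkgs.openssh}/bin/sshd -f "${sshdDirectory}/sshd_config" -D
    '')
  ];
}
```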

It is not really sophisticated and could be improved a lot but maybe it is worth adding that as a module?

Maybe it is just enough to keep it here or put it into the Wiki until we have a solid solution for how to run services in our nix-on-droid environment.

I mainly wanted to share that snippet in case anyone has the same problem :)

@t184256
Collaborator

t184256 commented Dec 14, 2021

Not to downplay the snippet's usefulness, but I'm afraid it's wiki material. Services starting up on activation is neither what I'd expect as a user nor what I'd want to maintain wrt interface stability and testing.

@Gerschtli
Collaborator Author

For the record: This snippet is not starting any service on activation. It is just setting up all files needed for sshd. But I agree, it is Wiki material :)

@t184256
Collaborator

t184256 commented Dec 14, 2021

Oh, right, sorry.
