22 lines
641 B
Bash
22 lines
641 B
Bash
#!/usr/bin/env bash
|
|
|
|
# Create a temporary directory
|
|
temp=$(mktemp -d)
|
|
|
|
# Function to cleanup temporary directory on exit
|
|
cleanup() {
|
|
rm -rf "$temp"
|
|
}
|
|
trap cleanup EXIT
|
|
|
|
# Create the directory where sshd expects to find the host keys
|
|
install -d -m755 "$temp/etc/ssh"
|
|
|
|
# Decrypt your private key from the password store and copy it to the temporary directory
|
|
pass ssh_host_rsa_key > "$temp/etc/ssh/ssh_host_rsa_key"
|
|
|
|
# Set the correct permissions so sshd will accept the key
|
|
chmod 600 "$temp/etc/ssh/ssh_host_rsa_key"
|
|
|
|
# Install NixOS to the host system with our secrets
|
|
nixos-anywhere --extra-files "$temp" --flake '.#your-host' root@yourip |