machines/desastro: luks-unlock in initramfs on port 22

commit b4e3001048cb3d368e836f6302d06816d944e130
parent c85f91b4062003bd9ac9d4d7d75f260f63325b64
Author: Leah (ctucx) <leah@ctu.cx>
Date: Tue, 13 Sep 2022 21:52:43 +0200

machines/desastro: luks-unlock in initramfs on port 22

1 file changed, 9 insertions(+), 9 deletions(-)

machines/desastro/configuration.nix

+++++++++---------

diff --git a/machines/desastro/configuration.nix b/machines/desastro/configuration.nix
@@ -19,20 +19,20 @@
     kernel.sysctl."net.ipv4.ip_forward"          = true;
     kernel.sysctl."net.ipv6.conf.all.forwarding" = true;
 
-    loader = {
-      grub.enable                = true;
-      grub.version               = 2;
-      grub.efiSupport            = true;
-      grub.efiInstallAsRemovable = true;
-      grub.device                = "nodev";
+    loader.grub = {
+      enable                = true;
+      version               = 2;
+      efiSupport            = true;
+      efiInstallAsRemovable = true;
+      device                = "nodev";
     };
 
     initrd.network = {
       enable = true;
       ssh = {
-        enable = true;
-        port = 22222;
-        hostKeys = [ /var/src/secrets/initrd-ecdsa-hostkey ];
+        enable         = true;
+        port           = 22;
+        hostKeys       = [ /etc/ssh/ssh_host_rsa_key ];
         authorizedKeys = with lib; concatLists (mapAttrsToList (name: user: if elem "wheel" user.extraGroups then user.openssh.authorizedKeys.keys else []) config.users.users);
       };