add phone config

2024-11-24 18:10:44 +01:00 · 2024-11-24 18:10:44 +01:00 · 44b17a0648
commit 44b17a0648
parent 3b10a0f211
6 changed files with 318 additions and 2 deletions
--- a/hosts/droid/default.nix
+++ b/hosts/droid/default.nix
@ -0,0 +1,14 @@
+{
+  nixpkgs,
+  nix-on-droid,
+  home-manager,
+  ...
+}:
+nix-on-droid.lib.nixOnDroidConfiguration {
+  pkgs = import nixpkgs { system = "aarch64-linux"; };
+  modules = [
+    home-manager.nixosModules.home-manager
+    ./sshd.nix
+    ./stuff.nix
+  ];
+}
--- a/hosts/droid/sshd.nix
+++ b/hosts/droid/sshd.nix
@ -0,0 +1,37 @@
+{ config, pkgs, ... }:
+let
+  sshdTmpDirectory = "${config.user.home}/sshd-tmp";
+  sshdDirectory = "${config.user.home}/sshd";
+  pubKeys = ''
+    ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIPDNpLDmctyqGpow/ElQvdhY4BLBPS/sigDJ1QEcC7wC vinzenz-lpt2-roaming
+  '';
+  port = 8022;
+in
+{
+  build.activation.sshd = ''
+    $DRY_RUN_CMD mkdir $VERBOSE_ARG --parents "${config.user.home}/.ssh"
+    $DRY_RUN_CMD echo "${pubKeys}" > "${config.user.home}/.ssh/authorized_keys"
+
+    if [[ ! -d "${sshdDirectory}" ]]; then
+      $DRY_RUN_CMD rm $VERBOSE_ARG --recursive --force "${sshdTmpDirectory}"
+      $DRY_RUN_CMD mkdir $VERBOSE_ARG --parents "${sshdTmpDirectory}"
+
+      $VERBOSE_ECHO "Generating host keys..."
+      $DRY_RUN_CMD ${pkgs.openssh}/bin/ssh-keygen -t rsa -b 4096 -f "${sshdTmpDirectory}/ssh_host_rsa_key" -N ""
+
+      $VERBOSE_ECHO "Writing sshd_config..."
+      $DRY_RUN_CMD echo -e "HostKey ${sshdDirectory}/ssh_host_rsa_key\nPort ${toString port}\n" > "${sshdTmpDirectory}/sshd_config"
+
+      $DRY_RUN_CMD mv $VERBOSE_ARG "${sshdTmpDirectory}" "${sshdDirectory}"
+    fi
+  '';
+
+  environment.packages = [
+    (pkgs.writeScriptBin "sshd-start" ''
+      #!${pkgs.runtimeShell}
+
+      echo "Starting sshd in non-daemonized way on port ${toString port}"
+      ${pkgs.openssh}/bin/sshd -f "${sshdDirectory}/sshd_config" -D
+    '')
+  ];
+}
--- a/hosts/droid/stuff.nix
+++ b/hosts/droid/stuff.nix
@ -0,0 +1,23 @@
+{
+  pkgs,
+  ...
+}:
+{
+  environment.packages = with pkgs; [
+    nano
+    hostname
+    zsh
+    openssh
+    which
+    curl
+  ];
+
+  # Backup etc files instead of failing to activate generation if a file already exists in /etc
+  environment.etcBackupExtension = ".bak";
+
+  system.stateVersion = "24.05";
+  nix.extraOptions = ''
+    experimental-features = nix-command flakes
+  '';
+  time.timeZone = "Europe/Berlin";
+}