docs: improve SSH host key rebuild process

This commit is contained in:
teutat3s 2024-01-06 17:15:44 +01:00
parent 139cc86d20
commit eb990d3ec3
Signed by: teutat3s
GPG key ID: 4FA1D3FA524F22C1

View file

@ -40,13 +40,12 @@ nix build '.#nixosConfigurations.test-vm.config.system.build.vm'
./result/bin/run-nixos-vm ./result/bin/run-nixos-vm
# In another terminal, get the ed25519 SSH hostkey, then stop the VM with CTRL-c # In another terminal, get the ed25519 SSH hostkey, then stop the VM with CTRL-c
ssh-keyscan -p 2222 127.0.0.1 | grep ssh-ed25519
... SSH_HOST_KEY=$(ssh-keyscan -p 2222 127.0.0.1 | grep '\[127.0.0.1\]:2222 ssh-ed25519' | awk '{print $2 " " $3}')
[127.0.0.1]:2222 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMdCOs16W731ftPDqO+X6RZVSdwVVNw2Xfmcpk5pzbeO
# Edit secrets.nix and add the SSH hostkey to machine 'test-vm', starting with 'ssh-ed25519 ...' # Edit secrets.nix and add the SSH hostkey to machine 'test-vm', starting with 'ssh-ed25519 ...'
sed --in-place \ sed --in-place \
's|test-vm = .*|test-vm = "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMdCOs16W731ftPDqO+X6RZVSdwVVNw2Xfmcpk5pzbeO host@test-vm";|' \ "s|test-vm = .*|test-vm = \"$SSH_HOST_KEY host@test-vm\";|" \
secrets/secrets.nix secrets/secrets.nix
# Rekey the secrets with agenix # Rekey the secrets with agenix