From ab6e71661784ac8dac3cf4226e4bad21158ae6c7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Thalheim?= <joerg@thalheim.io>
Date: Fri, 12 Jul 2024 00:12:49 +0200
Subject: [PATCH] make it a shell instead of ssh

I had issues with the network but than didn't bothered further because
the terminal access was good enough.
---
 flake.nix                          |  2 +-
 hosts/build02/configuration.nix    |  1 -
 modules/nixos/emergency-access.nix |  4 ++++
 modules/nixos/initrd-ssh.nix       | 21 ---------------------
 4 files changed, 5 insertions(+), 23 deletions(-)
 create mode 100644 modules/nixos/emergency-access.nix
 delete mode 100644 modules/nixos/initrd-ssh.nix

diff --git a/flake.nix b/flake.nix
index 369e477..437784c 100644
--- a/flake.nix
+++ b/flake.nix
@@ -161,7 +161,7 @@
           github-org-backup = ./modules/nixos/github-org-backup.nix;
           hercules-ci = ./modules/nixos/hercules-ci.nix;
           hydra = ./modules/nixos/hydra.nix;
-          initrd-ssh = ./modules/nixos/initrd-ssh.nix;
+          emergency-access = ./modules/nixos/emergency-access.nix;
           monitoring = ./modules/nixos/monitoring;
           nur-update = ./modules/nixos/nur-update.nix;
           remote-builder = ./modules/nixos/remote-builder.nix;
diff --git a/hosts/build02/configuration.nix b/hosts/build02/configuration.nix
index 7a2b4a9..c6e5914 100644
--- a/hosts/build02/configuration.nix
+++ b/hosts/build02/configuration.nix
@@ -9,7 +9,6 @@
     inputs.self.nixosModules.common
     inputs.self.nixosModules.builder
     inputs.self.nixosModules.disko-zfs
-    inputs.self.nixosModules.initrd-ssh
   ];
 
   nixCommunity.gc.gbFree = 500;
diff --git a/modules/nixos/emergency-access.nix b/modules/nixos/emergency-access.nix
new file mode 100644
index 0000000..e26e305
--- /dev/null
+++ b/modules/nixos/emergency-access.nix
@@ -0,0 +1,4 @@
+{
+  # allow to access emergency shell with a password
+  boot.initrd.systemd.emergencyAccess = "$6$he2fblfl/H7I.kvz$WbSCMXu8ztmqfj5jG4czqvu/rkMHxufxqHgy1urzXFSN.jZB4QiW5lOjR08vk8pZTyim3TT1wFkMaNE9zZ3sc1";
+}
diff --git a/modules/nixos/initrd-ssh.nix b/modules/nixos/initrd-ssh.nix
deleted file mode 100644
index b8d4470..0000000
--- a/modules/nixos/initrd-ssh.nix
+++ /dev/null
@@ -1,21 +0,0 @@
-{ config, ... }:
-let
-  admins = builtins.filter (user: builtins.elem "wheel" user.extraGroups) (builtins.attrValues config.users.users);
-in
-{
-  boot.initrd.systemd.network.networks."10-uplink" = config.systemd.network.networks."10-uplink";
-
-  boot.initrd.network = {
-    enable = true;
-    ssh = {
-      enable = true;
-      port = 2222;
-      # fixme, how can we provide this file on the first installation?
-      hostKeys = [ "/etc/ssh/ssh_host_ed25519_key" ];
-    };
-  };
-  boot.initrd.kernelModules = [ "igb" ]; # fixme, this depends on the kernel version
-  boot.initrd.network.ssh.authorizedKeyFiles = builtins.concatMap (user: user.openssh.authorizedKeys.keyFiles) admins;
-
-  boot.initrd.systemd.emergencyAccess = "$6$he2fblfl/H7I.kvz$WbSCMXu8ztmqfj5jG4czqvu/rkMHxufxqHgy1urzXFSN.jZB4QiW5lOjR08vk8pZTyim3TT1wFkMaNE9zZ3sc1";
-}