forked from Mirrors/nixos-infect
don't ingest garbage from authorized_keys
This commit is contained in:
Eric Litak
parent
41d040d7d9
commit
8de6d61e15
1 changed files with 1 additions and 7 deletions
|
|
@ -40,19 +40,13 @@
|
||||||
|
|
||||||
set -ex
|
set -ex
|
||||||
|
|
||||||
# If you have another NixOS host in the cloud, add it here to speed up the
|
|
||||||
# package downloads. Use "ssh -A" with your key loaded to run the script!
|
|
||||||
# (also ssh-keygen -R the host so that agent forwarding isn't disabled)
|
|
||||||
# This also reduces load on NixOS servers, so please make an effort to use it
|
|
||||||
# whenever possible. Better yet, just clone your VPS using snapshots.
|
|
||||||
|
|
||||||
nixos_channel=nixos-unstable
|
nixos_channel=nixos-unstable
|
||||||
#nixos_channel=nixos-16.03
|
#nixos_channel=nixos-16.03
|
||||||
|
|
||||||
makeConf() {
|
makeConf() {
|
||||||
# NB <<"EOF" quotes / $ ` in heredocs, <<EOF does not
|
# NB <<"EOF" quotes / $ ` in heredocs, <<EOF does not
|
||||||
mkdir -p /etc/nixos
|
mkdir -p /etc/nixos
|
||||||
local IFS=$'\n'; keys=($(cat /root/.ssh/authorized_keys))
|
local IFS=$'\n'; keys=($(grep -vE '^[[:space:]]*(#|$)' /root/.ssh/authorized_keys))
|
||||||
cat > /etc/nixos/configuration.nix << EOF
|
cat > /etc/nixos/configuration.nix << EOF
|
||||||
{ ... }: {
|
{ ... }: {
|
||||||
imports = [
|
imports = [
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue