rename hidden-announce to hidden-ssh-announce, create qr codes
All checks were successful
build / test (push) Successful in 11s
All checks were successful
build / test (push) Successful in 11s
This commit is contained in:
parent
930f1660e9
commit
e9c0432681
|
|
@ -31,12 +31,12 @@
|
|||
installer = {
|
||||
imports = [
|
||||
./installer.nix
|
||||
./hidden-announce.nix
|
||||
./hidden-ssh-announce.nix
|
||||
];
|
||||
};
|
||||
hidden-announce = {
|
||||
imports = [
|
||||
./hidden-announce.nix
|
||||
./hidden-ssh-announce.nix
|
||||
];
|
||||
};
|
||||
};
|
||||
|
|
|
|||
|
|
@ -3,11 +3,11 @@
|
|||
, pkgs
|
||||
, ...
|
||||
}: {
|
||||
options.hidden-announce = {
|
||||
enable = lib.mkEnableOption "hidden-announce";
|
||||
options.hidden-ssh-announce = {
|
||||
enable = lib.mkEnableOption "hidden-ssh-announce";
|
||||
script = lib.mkOption {
|
||||
type = lib.types.package;
|
||||
default = pkgs.writers.writeDash "test-output";
|
||||
default = pkgs.writers.writeDash "test-output" "echo $1";
|
||||
description = ''
|
||||
script to run when the hidden tor service was started and they hostname is known.
|
||||
takes the hostname as $1
|
||||
|
|
@ -15,7 +15,8 @@
|
|||
};
|
||||
};
|
||||
|
||||
config = lib.mkIf config.hidden-announce.enable {
|
||||
config = lib.mkIf config.hidden-ssh-announce.enable {
|
||||
services.openssh.enable = true;
|
||||
services.tor = {
|
||||
enable = true;
|
||||
relay.onionServices.hidden-ssh = {
|
||||
|
|
@ -43,7 +44,7 @@
|
|||
sleep 1
|
||||
done
|
||||
|
||||
${config.hidden-announce.script} "$(cat ${config.services.tor.settings.DataDirectory}/onion/hidden-ssh/hostname)"
|
||||
${config.hidden-ssh-announce.script} "$(cat ${config.services.tor.settings.DataDirectory}/onion/hidden-ssh/hostname)"
|
||||
'';
|
||||
PrivateTmp = "true";
|
||||
User = "tor";
|
||||
|
|
@ -11,18 +11,27 @@
|
|||
${pkgs.pwgen}/bin/pwgen -s 16 1 > /var/shared/root-password
|
||||
echo "root:$(cat /var/shared/root-password)" | chpasswd
|
||||
'';
|
||||
hidden-announce = {
|
||||
hidden-ssh-announce = {
|
||||
enable = true;
|
||||
script = pkgs.writers.writeDash "write-hostname" ''
|
||||
mkdir -p /var/shared
|
||||
echo "$1" > /var/shared/onion-hostname
|
||||
${pkgs.jq}/bin/jq -nc \
|
||||
--arg password "$(cat /var/shared/root-password)" \
|
||||
--arg address "$(cat /var/shared/onion-hostname)" '{
|
||||
password: $password, address: $address
|
||||
}' > /var/shared/login.info
|
||||
cat /var/shared/login.info |
|
||||
${pkgs.qrencode}/bin/qrencode -t utf8 > /var/shared/qrcode.utf8
|
||||
cat /var/shared/login.info |
|
||||
${pkgs.qrencode}/bin/qrencode -t png > /var/shared/qrcode.png
|
||||
'';
|
||||
};
|
||||
services.getty.autologinUser = lib.mkForce "root";
|
||||
programs.bash.interactiveShellInit = ''
|
||||
if [ "$(tty)" = "/dev/tty1" ]; then
|
||||
until test -e /var/shared/onion-hostname; do sleep 1; done
|
||||
echo "ssh://root:$(cat /var/shared/root-password)@$(cat /var/shared/onion-hostname)"
|
||||
until test -e /var/shared/qrcode.utf8; do sleep 1; done
|
||||
cat /var/shared/qrcode.utf8
|
||||
fi
|
||||
'';
|
||||
formatConfigs.install-iso = {
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user