vidhar: initrd networking

1 files changed, 20 insertions, 1 deletions

diff --git a/hosts/vidhar/default.nix b/hosts/vidhar/default.nix
index fecbfe9d..d28aeed7 100644
--- a/hosts/vidhar/default.nix
+++ b/hosts/vidhar/default.nix
@@ -27,7 +27,7 @@
 
       initrd = {
         supportedFilesystems = [ "zfs" ];
-        availableKernelModules = [ "ehci_pci" "ahci" "nvme" "isci" "xhci_pci" "usb_storage" "usbhid" "sd_mod" "sr_mod" "drbg" "rtsx_pci_sdmmc" "libsas" "scsi_transport_sas" ];
+        availableKernelModules = [ "ehci_pci" "ahci" "nvme" "isci" "xhci_pci" "usb_storage" "usbhid" "sd_mod" "sr_mod" "drbg" "rtsx_pci_sdmmc" "libsas" "scsi_transport_sas" "e1000e" ];
         kernelModules = [ "dm-raid" "dm-integrity" "dm-snapshot" "dm-thin-pool" ];
 
         luks.devices = {
@@ -41,6 +41,14 @@
           hdd4.device = "/dev/disk/by-label/${hostName}-hdd4";
           hdd5.device = "/dev/disk/by-label/${hostName}-hdd5";
         };
+
+        network = {
+          enable = true;
+          ssh = {
+            enable = true;
+            hostKeys = with config.sops.secrets; [ initrd_ssh_host_rsa_key.path initrd_ssh_host_ed25519_key.path ];
+          };
+        };
       };
       
       supportedFilesystems = [ "zfs" ];
@@ -49,6 +57,17 @@
       };
     };
 
+    sops.secrets = {
+      initrd_ssh_host_rsa_key = {
+          key = "rsa";
+          sopsFile = ./initrd-host-keys/private.yaml;
+      };
+      initrd_ssh_host_ed25519_key = {
+          key = "ed25519";
+          sopsFile = ./initrd-host-keys/private.yaml;
+      };
+    };
+
     fileSystems = {
       "/" = {
         fsType = "tmpfs";