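# NixOS module that builds an Azure VHD disk image and, at boot, installs the
# SSH host key pair and root's authorized_keys from the provisioning data
# mounted at /metadata.
{ config, lib, pkgs, ... }:

with lib;
let
  cfg = config.virtualisation.azureImage;
in
{
  imports = [ ./azure-common.nix ];

  options = {
    virtualisation.azureImage.diskSize = mkOption {
      type = with types; either (enum [ "auto" ]) int;
      default = "auto";
      example = 2048;
      description = lib.mdDoc ''
        Size of disk image. Unit is MB.
      '';
    };
  };

  config = {
    system.build.azureImage = import ../../lib/make-disk-image.nix {
      name = "azure-image";
      # Convert the raw image into a fixed-size VHD, then delete the raw
      # intermediate so only disk.vhd remains in the output.
      postVM = ''
        ${pkgs.vmTools.qemu}/bin/qemu-img convert -f raw -o subformat=fixed,force_size -O vpc "$diskImage" "$out/disk.vhd"
        rm "$diskImage"
      '';
      configFile = ./azure-config-user.nix;
      format = "raw";
      inherit (cfg) diskSize;
      inherit config lib pkgs;
    };

    # Azure metadata is available as a CD-ROM drive.
    fileSystems."/metadata".device = "/dev/sr0";

    # One-shot unit ordered before sshd and waagent, so the keys are in place
    # before either service starts.
    systemd.services.fetch-ssh-keys = {
      description = "Fetch host keys and authorized_keys for root user";

      wantedBy = [ "sshd.service" "waagent.service" ];
      before = [ "sshd.service" "waagent.service" ];

      path = [ pkgs.coreutils ];

      # SECURITY NOTE(review): the script below evaluates the contents of
      # /metadata/CustomData.bin as shell code, with the privileges of this
      # unit (no User= is set here). Whoever controls the custom data supplied
      # at provisioning time therefore controls code execution at boot. Only
      # three variables are consumed afterwards (ssh_host_ecdsa_key,
      # ssh_host_ecdsa_key_pub, ssh_root_auth_key); parsing just those
      # assignments instead of eval'ing the whole file would narrow this, but
      # it changes the accepted input format, so it is flagged rather than
      # changed here.
      #
      # NOTE(review): the variables are named *ecdsa* while the files written
      # are ssh_host_ed25519_key{,.pub}. Which key type the provisioning side
      # actually sends is not visible from this file; confirm against the
      # producer of CustomData.bin and the configured sshd host keys.
      script =
        ''
          # Create every file owner-only from the start: without this the
          # private key and authorized_keys exist with the default umask
          # until the chmod that follows the write.
          umask 077

          eval "$(cat /metadata/CustomData.bin)"

          # Only the variable names are logged; key material is never echoed
          # to the journal or console.
          if [ -n "$ssh_host_ecdsa_key" ]; then
            echo "downloaded ssh_host_ecdsa_key"
            printf '%s\n' "$ssh_host_ecdsa_key" > /etc/ssh/ssh_host_ed25519_key
            chmod 600 /etc/ssh/ssh_host_ed25519_key
          fi

          if [ -n "$ssh_host_ecdsa_key_pub" ]; then
            echo "downloaded ssh_host_ecdsa_key_pub"
            printf '%s\n' "$ssh_host_ecdsa_key_pub" > /etc/ssh/ssh_host_ed25519_key.pub
            # The public half is meant to be world-readable; widen it
            # explicitly because of the restrictive umask above.
            chmod 644 /etc/ssh/ssh_host_ed25519_key.pub
          fi

          if [ -n "$ssh_root_auth_key" ]; then
            echo "downloaded ssh_root_auth_key"
            mkdir -m 0700 -p /root/.ssh
            printf '%s\n' "$ssh_root_auth_key" > /root/.ssh/authorized_keys
            chmod 600 /root/.ssh/authorized_keys
          fi
        '';
      serviceConfig.Type = "oneshot";
      serviceConfig.RemainAfterExit = true;
      serviceConfig.StandardError = "journal+console";
      serviceConfig.StandardOutput = "journal+console";
    };
  };
}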