modules/nixos/common: add initrd emergencyAccess

nix-community · Aug 2, 2024 · d486e79 · d486e79
1 parent 927004e
commit d486e79
Show file tree

Hide file tree

Showing 4 changed files with 3 additions and 6 deletions.
diff --git a/flake.nix b/flake.nix
@@ -182,7 +182,6 @@
         github-org-backup = ./modules/nixos/github-org-backup.nix;
         hercules-ci = ./modules/nixos/hercules-ci.nix;
         hydra = ./modules/nixos/hydra.nix;
-        emergency-access = ./modules/nixos/emergency-access.nix;
         monitoring = ./modules/nixos/monitoring;
         nur-update = ./modules/nixos/nur-update.nix;
         remote-builder = ./modules/nixos/remote-builder.nix;

diff --git a/hosts/build02/configuration.nix b/hosts/build02/configuration.nix
@@ -9,7 +9,6 @@
     inputs.self.nixosModules.common
     inputs.self.nixosModules.builder
     inputs.self.nixosModules.disko-zfs
-    inputs.self.nixosModules.emergency-access
   ];
 
   # set in srvos, remove when reinstalling

diff --git a/modules/nixos/common/security.nix b/modules/nixos/common/security.nix
@@ -2,6 +2,9 @@
   # Make sure that the firewall is enabled, even if it's the default.
   networking.firewall.enable = true;
 
+  # allow to access emergency shell with a password
+  boot.initrd.systemd.emergencyAccess = "$6$he2fblfl/H7I.kvz$WbSCMXu8ztmqfj5jG4czqvu/rkMHxufxqHgy1urzXFSN.jZB4QiW5lOjR08vk8pZTyim3TT1wFkMaNE9zZ3sc1";
+
   services.openssh = {
     hostKeys = [
       {

diff --git a/modules/nixos/emergency-access.nix b/modules/nixos/emergency-access.nix