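# NixOS module for Azure images: builds a fixed-size VHD and, at boot,
# installs the SSH host key pair and root's authorized_keys from the
# CustomData blob exposed on the Azure metadata CD-ROM.
{ config, lib, pkgs, ... }:

with lib;
let
  # Handed to make-disk-image.nix as `diskSize`; the unit is defined there
  # (presumably MiB; confirm against make-disk-image.nix).
  diskSize = 2048;
in
{
  system.build.azureImage = import ../../lib/make-disk-image.nix {
    name = "azure-image";
    # Runs after the image VM finishes: convert the raw disk into a
    # fixed-size VHD ("vpc" format) at $out/disk.vhd.
    postVM = ''
      ${pkgs.vmTools.qemu}/bin/qemu-img convert -f raw -o subformat=fixed,force_size -O vpc $diskImage $out/disk.vhd
    '';
    configFile = ./azure-config-user.nix;
    format = "raw";
    inherit diskSize;
    inherit config lib pkgs;
  };

  imports = [ ./azure-common.nix ];

  # Azure metadata is available as a CD-ROM drive.
  # NOTE(review): CustomData.bin on this mount can carry the private host key
  # (see fetch-ssh-keys below). Confirm which local users can read /metadata
  # after boot and whether the mount needs to stay available.
  fileSystems."/metadata".device = "/dev/sr0";

  systemd.services.fetch-ssh-keys =
    { description = "Fetch host keys and authorized_keys for root user";

      # Pulled in by, and ordered before, sshd and waagent so that the key
      # material is in place before either of them starts.
      wantedBy = [ "sshd.service" "waagent.service" ];
      before = [ "sshd.service" "waagent.service" ];

      path  = [ pkgs.coreutils ];

      # SECURITY: the script evaluates /metadata/CustomData.bin as shell code.
      # No user is configured for this unit, so it presumably runs as root:
      # whoever can set the VM's custom data gets arbitrary code execution at
      # boot, not only control over the three variables read below. That is
      # the provisioning trust boundary of this image. If only key material is
      # needed, parsing an explicit allow-list of `name=value` pairs instead
      # of `eval` would narrow it; left unchanged here because the CustomData
      # format produced by the deployment tooling is not visible in this file.
      #
      # The variable names still say "ecdsa" while the files written are the
      # ed25519 host key paths, so the provisioning side presumably has to
      # supply an Ed25519 key pair under the old names (verify against the
      # tool that generates CustomData).
      #
      # `umask 077` is set before any key is written so that the private host
      # key and authorized_keys are never created with group/world read bits,
      # not even for the short window before the explicit chmod. It is set
      # after the eval so the evaluated data cannot loosen it again. The
      # chmod calls still fix the final modes (including 644 for the public
      # key).
      script =
        ''
          eval "$(cat /metadata/CustomData.bin)"
          umask 077

          if [ -n "$ssh_host_ecdsa_key" ]; then
            echo "downloaded ssh_host_ecdsa_key"
            echo "$ssh_host_ecdsa_key" > /etc/ssh/ssh_host_ed25519_key
            chmod 600 /etc/ssh/ssh_host_ed25519_key
          fi

          if [ -n "$ssh_host_ecdsa_key_pub" ]; then
            echo "downloaded ssh_host_ecdsa_key_pub"
            echo "$ssh_host_ecdsa_key_pub" > /etc/ssh/ssh_host_ed25519_key.pub
            chmod 644 /etc/ssh/ssh_host_ed25519_key.pub
          fi

          if [ -n "$ssh_root_auth_key" ]; then
            echo "downloaded ssh_root_auth_key"
            mkdir -m 0700 -p /root/.ssh
            echo "$ssh_root_auth_key" > /root/.ssh/authorized_keys
            chmod 600 /root/.ssh/authorized_keys
          fi
        '';
      # One-shot unit that stays "active" after the script exits; its output
      # goes to both the journal and the console. Only the "downloaded ..."
      # markers are echoed to stdout, never the key contents.
      serviceConfig.Type = "oneshot";
      serviceConfig.RemainAfterExit = true;
      serviceConfig.StandardError = "journal+console";
      serviceConfig.StandardOutput = "journal+console";
     };

}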