From 5a3646cb29586c77ccf8f581695445e010c9fe1c Mon Sep 17 00:00:00 2001
From: Daniel Barlow <dan@telent.net>
Date: Wed, 1 May 2024 23:07:11 +0100
Subject: [PATCH] add authorized keys to bordervm

You don't often need this because it has autologin, but sometimes
you want to do antics involving sshing through it to the wan port
of a test device.

Note that you probably wanted to start bordervm with funny qemu
options to even make that possible

 nix-shell --run "QEMU_NET_OPTS=hostfwd=tcp::10022-:22 run-border-vm"
---
 bordervm-configuration.nix | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/bordervm-configuration.nix b/bordervm-configuration.nix
index 90abd30..8baa456 100644
--- a/bordervm-configuration.nix
+++ b/bordervm-configuration.nix
@@ -4,6 +4,10 @@ let
   inherit (lib) mkOption mkEnableOption mdDoc types optional optionals;
 in {
   options.bordervm = {
+    keys = mkOption {
+      type = types.listOf types.str;
+      default = [];
+    };
     l2tp = {
       host = mkOption {
         description = mdDoc ''
@@ -122,6 +126,7 @@ in {
       isNormalUser = true;
       uid = 1000;
       extraGroups = [ "wheel"];
+      openssh.authorizedKeys.keys = cfg.keys;
     };
     services.getty.autologinUser = "liminix";
   };