root unlocking is more restrictive

akin to asking for a password
This commit is contained in:
Motiejus Jakštys 2023-07-23 16:04:45 +03:00
parent 9c116fa8c7
commit 6c9cb09a6f

View File

@ -156,14 +156,13 @@ in {
];
authorizedKeys = cfg.sshUnlock.authorizedKeys;
};
# FIXME vendored change by motiejus
#postCommands = ''
# tee -a /root/.profile >/dev/null <<EOF
# if zfs load-key rpool/nixos; then
# pkill zfs
# fi
# exit
# EOF'';
postCommands = ''
tee -a /root/.profile >/dev/null <<EOF
if zfs load-key rpool/nixos; then
pkill zfs
fi
exit
EOF'';
};
};
})