From 75ffbeba4d59dce5a594060751726b467b40663a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E7=81=AB=E7=84=9A=20=E5=AF=8C=E8=89=AF?= <es@m-labs.hk>
Date: Tue, 30 Jul 2024 11:24:21 +0800
Subject: [PATCH] flake: avoid permissions race window when setting up HITL SSH
 key

---
 flake.nix | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/flake.nix b/flake.nix
index 4f9d16277..56a9d1616 100644
--- a/flake.nix
+++ b/flake.nix
@@ -470,10 +470,9 @@
             ''
             export HOME=`mktemp -d`
             mkdir $HOME/.ssh
-            cp /opt/hydra_id_ed25519 $HOME/.ssh/id_ed25519
-            cp /opt/hydra_id_ed25519.pub $HOME/.ssh/id_ed25519.pub
+            cp --preserve=mode /opt/hydra_id_ed25519 $HOME/.ssh/id_ed25519
+            cp --preserve=mode /opt/hydra_id_ed25519.pub $HOME/.ssh/id_ed25519.pub
             echo "rpi-1 ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIACtBFDVBYoAE4fpJCTANZSE0bcVpTR3uvfNvb80C4i5" > $HOME/.ssh/known_hosts
-            chmod 600 $HOME/.ssh/id_ed25519
             LOCKCTL=$(mktemp -d)
             mkfifo $LOCKCTL/lockctl