windows: Fix SSH key setup

2020-01-20 00:43:44 +00:00 · 2020-01-20 00:43:44 +00:00 · 3d0375c218
parent a5d93aea35
commit 3d0375c218
6 changed files with 45 additions and 34 deletions
--- a/artiq-fast/windows/README.md
+++ b/artiq-fast/windows/README.md
@ -12,9 +12,9 @@ nix-build build.nix
 ```
 Results in a file called c.img

-If in pure mode
+If in "pure" mode
 ```shell
-nix-build build.nix
+nix-build --option sandbox false build.nix
 ls -la ./result
 ```
 Results in a symlink to the image in the nix store
--- a/artiq-fast/windows/autounattend.nix
+++ b/artiq-fast/windows/autounattend.nix
@ -37,31 +37,23 @@ let

  # If we are running in impure mode we can also enable networked services
  impureSetupCommands = let
-    userSSHKeys = lib.flatten (lib.mapAttrsToList (n: v: v.sshKeys or []) users);
-    keyCommands = (
-      builtins.foldl' (
-        acc: key: acc ++ [
-          ''"${key}" | Out-File C:\usersshkey.pub''
-          "ssh-add C:\usersshkey.pub"
-        ]
-      ) [] userSSHKeys
-    ) ++ [ "Remove-Item C:\usersshkey.pub" ];
-
-  in
-    if impureMode then [
-      {
-        Path = "powershell.exe Install-Module -Force OpenSSHUtils -Scope AllUsers";
-        Description = "Install Openssh.";
-      }
-      {
-        Path = "powershell.exe Start-Service ssh-agent";
-        Description = "Start the ssh-agent";
-      }
-      {
-        Path = "powershell.exe Start-Service sshd";
-        Description = "Now start the sshd service";
-      }
-    ] ++ keyCommands else [];
+    makeDirs = lib.mapAttrsToList (n: v: ''mkdir C:\Users\${n}\.ssh'') users;
+    writeKeys = lib.flatten (lib.mapAttrsToList (n: v: builtins.map (key: ''echo "${key}" >> C:\Users\${n}\.ssh\authorized_keys'') (v.sshKeys or [])) users);
+  in makeDirs ++ writeKeys ++ [
+    # TODO: Figure out how to do this step with sandboxing enabled
+    {
+      Path = "powershell.exe Install-PackageProvider -Name nuget -MinimumVersion 2.8.5.201 -Force";
+      Description = "Install Nuget (require to pull in openssh).";
+    }
+    {
+      Path = "powershell.exe Install-Module -Force OpenSSHUtils -Scope AllUsers";
+      Description = "Install Openssh.";
+    }
+    {
+      Path = "powershell.exe Start-Service sshd";
+      Description = "Now start the sshd service";
+    }
+  ];

  assertCommand = c: builtins.typeOf c == "string" || builtins.typeOf c == "set" && builtins.hasAttr "Path" c && builtins.hasAttr "Description" c;

@ -73,7 +65,7 @@ let
      }
    ]
    ++ setupCommands
-    # ++ impureSetupCommands
+    ++ impureSetupCommands
    ++ serviceCommands
    ++ impureShellCommands
    ++ [
--- a/artiq-fast/windows/build.nix
+++ b/artiq-fast/windows/build.nix
@ -15,9 +15,9 @@ win.makeWindowsImage {
  # User accounts
  users = {
    artiq = {
-      # sshKeys = [
-      #   "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEmJW3Z+1ZNNVao2jcipQQxiEN27jtpl40fq3Je+jgir"
-      # ];
+      sshKeys = [
+        "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEmJW3Z+1ZNNVao2jcipQQxiEN27jtpl40fq3Je+jgir"
+      ];
      password = "1234";
      # description = "Default user";
      # displayName = "Display name";
@ -27,8 +27,7 @@ win.makeWindowsImage {
    };
  };

-  # Will also enable ssh
-  # These impure commands need sandbox disabled or run outside of the sandbox
+  # Build install script & skip building iso
  impureMode = true;

  # impureShellCommands = [
--- a/artiq-fast/windows/nuget/Microsoft.PackageManagement.NuGetProvider.dll
+++ b/artiq-fast/windows/nuget/Microsoft.PackageManagement.NuGetProvider.dll
--- a/artiq-fast/windows/nuget/install.txt
+++ b/artiq-fast/windows/nuget/install.txt
@ -0,0 +1 @@
+C:\Program Files\PackageManagement\ProviderAssemblies\nuget\2.8.5.208
--- a/artiq-fast/windows/win.nix
+++ b/artiq-fast/windows/win.nix
@ -79,14 +79,33 @@ let
      '';
    };

+    opensshutils = pkgs.fetchurl {
+      name = "opensshutils.nupkg";
+      url = "https://www.powershellgallery.com/api/v2/package/OpenSSHUtils/1.0.0.1";
+      sha256 = "11iw0wyi11v684if0nsjgaglxsqnhdn94siq27pd8h34z64l6fq3";
+    };
+
+    nuget = winPkgs.makePkg {
+      name = "nuget-dll";
+      src = ./nuget/Microsoft.PackageManagement.NuGetProvider.dll;
+      installScript = ''
+        mkdir C:\Program Files\PackageManagement\ProviderAssemblies\nuget\2.8.5.208
+        cp Microsoft.PackageManagement.NuGetProvider.dll C:\Program Files\PackageManagement\ProviderAssemblies\nuget\2.8.5.208
+        Import-PackageProvider -Name NuGet -RequiredVersion 2.8.5.201
+      '';
+    };
+
  in
    runQemuCommand "bootstrap-win-pkgs.img" ''
      mkdir pkgs
      mkdir pkgs/bootstrap
      mkdir pkgs/user
+      mkdir pkgs/files

-      cp ${autohotkey} pkgs/bootstrap/"$(stripHash "${autohotkey}")"
+      # cp ${autohotkey} pkgs/bootstrap/"$(stripHash "${autohotkey}")"
      cp ${bundleInstaller} pkgs/"$(stripHash "${bundleInstaller}")"
+      cp ${nuget} pkgs/bootstrap/"$(stripHash "${nuget}")"
+      cp ${opensshutils} pkgs/files/"$(stripHash "${opensshutils}")"

      ${lib.concatStringsSep "\n" (builtins.map (x: ''cp ${x} pkgs/bootstrap/"$(stripHash "${x}")"'') packages)}
				`@ -0,0 +1 @@`
				`C:\Program Files\PackageManagement\ProviderAssemblies\nuget\2.8.5.208`