Update 'nixos-infect'

Make sure this commit is never merged into master, because the branch contains developers' public keys

nixos-infect

@@ -7,10 +7,18 @@ set -e -o pipefail
 makeConf() {
   # Skip everything if main config already present
   [[ -e /etc/nixos/configuration.nix ]] && return 0
-  if [[ $PASSWORD == null ]]; then
+  if [[ -z $PASSWORD ]]; then
       export PASSWORD=$(printf $ENCODED_PASSWORD | base64 --decode)
   fi
 
+  if [[ -z $DNS_PROVIDER_TYPE ]]; then
+      export DNS_PROVIDER_TYPE='CLOUDFLARE'
+  fi
+
+  if [[ -z $STAGING_ACME ]]; then
+      export STAGING_ACME='false'
+  fi
+
   export ESCAPED_PASSWORD=$(printf $ENCODED_PASSWORD | base64 --decode | jq -Rs .)
   export HASHED_PASSWORD=$( mkpasswd -m sha-512 "$PASSWORD" )
 
@@ -27,6 +35,7 @@ makeConf() {
       && break
   done
   local network_import=""
+  [[ -n "$doNetConf" ]] && network_import="./networking.nix # generated at runtime by nixos-infect"
 
   cat > /etc/nixos/userdata/userdata.json << EOF
 {
@@ -34,17 +43,23 @@ makeConf() {
         "token": "$API_TOKEN",
         "skippedMigrations": ["migrate_to_selfprivacy_channel", "mount_volume"]
     },
-    "backblaze": {
+    "backup": {
+        "provider": "BACKBLAZE",
         "accountId": "$BACKBLAZE_KEY_ID",
         "accountKey": "$BACKBLAZE_ACCOUNT_KEY",
         "bucket": "$BACKBLAZE_BUCKET_NAME"
     },
     "bitwarden": {
         "enable": true,
-        "location": "sdb"
+        "location": "sda"
     },
-    "cloudflare": {
+    "dns": {
-        "apiKey": "$CF_TOKEN"
+        "provider": "$DNS_PROVIDER_TYPE",
+        "apiKey": "$CF_TOKEN",
+        "useStagingACME": $STAGING_ACME
+    },
+    "server": {
+        "provider": "DIGITALOCEAN"
     },
     "databasePassword": "$DB_PASSWORD",
     "domain": "$DOMAIN",
@@ -54,11 +69,11 @@ makeConf() {
         "enable": true,
         "adminPassword": $ESCAPED_PASSWORD,
         "databasePassword": $ESCAPED_PASSWORD,
-        "location": "sdb"
+        "location": "sda"
     },
     "gitea": {
         "enable": true,
-        "location": "sdb"
+        "location": "sda"
     },
     "jitsi": {
         "enable": true
@@ -68,19 +83,26 @@ makeConf() {
     },
     "pleroma": {
         "enable": false,
-        "location": "sdb"
+        "location": "sda"
     },
     "timezone": "Europe/Uzhgorod",
     "resticPassword": $ESCAPED_PASSWORD,
     "username": "$LUSER",
     "volumes": [
       {
-        "device": "/dev/sdb",
+        "device": "/dev/sda",
-        "mountPoint": "/volumes/sdb",
+        "mountPoint": "/volumes/sda",
         "fsType": "ext4"
      }
     ],
-    "useBinds": true
+    "useBinds": true,
+    "ssh": {
+        "rootKeys": [
+            "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAICQmWNN9YccQecQUOB0n4jYH76gEgSAs4d66eFUZoobt inex@inex-pc",
+            "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMNkUTqKof4lWaddRzsrQz+huo4BLJc/2EGmIqieqJbP naiji@laptop",
+            "sk-ssh-ed25519@openssh.com AAAAGnNrLXNzaC1lZDI1NTE5QG9wZW5zc2guY29tAAAAIFuVzlSfuZREjXQmQgOat+NlFrCUhfjioAIfs6DQzhc+AAAABHNzaDo= yubi-A"
+        ]
+    }
 }
 EOF
   chmod 0600 /etc/nixos/userdata/userdata.json
@@ -106,7 +128,10 @@ EOF
   cat > /etc/nixos/hardware-configuration.nix << EOF
 { modulesPath, ... }:
 {
-  imports = [ (modulesPath + "/profiles/qemu-guest.nix") ];
+  imports = [
+    (modulesPath + "/profiles/qemu-guest.nix")
+    $network_import
+  ];
 $bootcfg
   boot.initrd.kernelModules = [ "nvme" ];
   fileSystems."/" = { device = "$rootfsdev"; fsType = "$rootfstype"; };